Security Guides
Deep-dive playbooks, startup fundamentals, enterprise hardening.
Customer Account Takeover (ATO) in Indian Banking: Kill Chain and Detection
The 7-step ATO kill chain — credentials, auth, OTP capture, account exploration, beneficiary addition, transaction, mule chain. SQL detection at each step…
Security Guides | UPI Fraud Patterns in 2026: Collect-Request, QR-Swap, SIM-Swap
Dominant UPI fraud patterns — collect-request scams, QR-swap at merchants, SIM-swap leading to OTP capture, KYC scams, mule account chains. NPCI controls…
Security Guides | SharePoint CVE-2024-38094: Why On-Prem SharePoint Stays a Target
SharePoint Server's recent CVE roster — 2019-0604, 2023-29357 chain, 2024-38094 — shows the on-prem attack surface persists. Detection, mitigation, and the migration…
Security Guides | theHarvester and Recon-ng: OSINT Toolchain in 2026
theHarvester for breadth-of-source aggregation; Recon-ng for workflow continuity across investigation. Where they fit alongside modern tools (subfinder, amass, SpiderFoot, Maltego) in 2026…
Security Guides | MOVEit Transfer (CVE-2023-34362): The Cl0p Mass Exploitation Story
Cl0p exploited MOVEit Transfer's SQLi as a zero-day, compromising 2,000+ organisations including Indian-market third parties. The vulnerability, why it spread so far,…
Security Guides | Confluence CVE-2023-22515 / 22518: When Internal Wikis Become Ransomware Targets
Two Atlassian Confluence CVEs in late 2023 enabled mass-exploitation by ransomware operators. Bug walkthrough, IoCs, mitigation, and the migration question for Confluence…
Red Teaming | OSINT Methodology for Pentesters: The 2026 Toolchain
Practitioner OSINT methodology — subdomain enumeration with subfinder/amass, live discovery with httpx, vulnerability scanning with nuclei, people enumeration with theHarvester, GitHub secrets…
Red Teaming | Sock Puppet Accounts for OSINT Investigations: OPSEC and Ethics
Operational sock puppet accounts for OSINT — the OPSEC stack (browser profile, VPN, email, phone, fingerprint), believable persona building, attribution mistakes, legal/ethical…
Red Teaming | Evilginx2 + AiTM Phishing: How Modern Attacks Defeat MFA
Adversary-in-the-Middle phishing captures both credentials and session cookies during auth flow — defeating traditional MFA. How AiTM works, detection limits, and why…
Red Teaming | Browser-in-the-Browser (BitB) Phishing: Why Users Still Fall for It
BitB renders fake browser popup windows inside the actual browser tab. Users see legitimate URLs in the fake popup and trust them.…