Tools & Tutorials · 29 articles

Tools & Tutorials

Step-by-step tool guides — BloodHound, Burp, Metasploit, NetExec, Impacket.

Tools & Tutorials

sqlmap Advanced Workflow: From Identification to System Access

sqlmap as one stage in a workflow — manual SQLi identification first, targeted exploitation with --level/--risk, tamper scripts for WAF bypass, --os-shell…

Apr 25, 2026 · 3 min read
Mobile Pentest

Android Frida: SSL Pinning Bypass and Runtime Hooking in 2026

The practitioner workflow for Android pentesting with Frida 16+ — SSL pinning bypass, root detection bypass, runtime function hooking, and the layered…

Apr 25, 2026 · 4 min read
Cloud Security

Kubernetes Pentest: Top 10 Misconfigurations We Find in Indian Production

The 10 Kubernetes misconfigurations we routinely find — default ServiceAccount tokens, privileged containers, hostPath, broad RBAC, insecure API server, unencrypted etcd, no…

Apr 25, 2026 · 4 min read
Red Teaming

Wireless Pentest in 2026: WPA3, PMKID Attacks, Evil Twin

Wireless attacks that work in 2026 — WPA3 transition mode, Dragonblood, PMKID extraction, evil-twin captive portals, EAP-TLS misconfiguration, EAP-PEAP/MSCHAPv2 cracking. Toolchain and…

Apr 25, 2026 · 4 min read
Red Teaming

Linux Sudo Privilege Escalation: 8 Paths You Need to Know in 2026

Eight sudo-based Linux privilege escalation paths — shell-spawning binaries (GTFOBins), insecure script paths, env_keep PATH, LD_PRELOAD, wildcard expansion, writable binaries, sudo CVEs…

Apr 25, 2026 · 6 min read
Tools & Tutorials

Burp Suite Professional Workflow: How Senior Pentesters Actually Use It

Most engineers use Burp like a glorified intercepting proxy. Senior pentesters use it as a programmable workbench — macros, session-handling rules, Intruder…

Apr 25, 2026 · 6 min read
Cloud Security

AWS IAM Privilege Escalation: 7 Paths from Read-Only to AdministratorAccess

From a leaked low-privilege AWS access key to AdministratorAccess in eight minutes. Seven well-known IAM privilege escalation paths — CreateLoginProfile, AttachUserPolicy, PutPolicy,…

Apr 25, 2026 · 6 min read
Tools & Tutorials

JWT Attacks in 2026: alg:none, RS256-to-HS256, JWKS Injection — Still Working

JWT done with library defaults from 2017 is a privilege-escalation primitive. Seven attack variants — alg:none, RS256-HS256 confusion, weak HMAC, JWKS injection,…

Apr 25, 2026 · 6 min read
Red Teaming

Bypassing AppLocker and WDAC with LOLBins: A 2026 Field Guide

Microsoft signs hundreds of binaries that ship with Windows. Many can execute arbitrary code under AppLocker. This is the practitioner's catalogue of…

Apr 25, 2026 · 6 min read