This article demonstrates how to use eBPF to audit fileless command‑execution attacks and reverse‑shell techniques by tracing memfd_create, Kprobe/LSM hooks, dup2 redirections, and related kernel functions, providing concrete code examples and analysis of the detection logic.
This article walks through practical techniques for bypassing PHP's disable_functions, hiding attacker IPs, creating encrypted bash reverse shells, maintaining persistence with cron and screen, probing outbound ports, setting up internal network proxies, and cleaning forensic traces, all aimed at penetration testing and red‑team operations.
This guide explains how to create a Windows payload, evade antivirus detection using Metasploit encoders and UPX packing, host the malicious file on a Kali Apache server, test it with VirusTotal, and establish a reverse shell listener for successful exploitation.
This tutorial walks you through a complete web penetration test on the fictional site hack‑test.com, covering DNS enumeration, server fingerprinting, vulnerability scanning with Nikto and w3af, exploiting SQL injection via sqlmap, uploading a PHP webshell, gaining a reverse shell, and finally escalating to root privileges on a Linux server.
This article walks through the discovery, reverse‑engineering, and full reproduction of a malicious Nginx backdoor, detailing its cookie‑based trigger, shell‑reversal mechanism, code analysis, compilation steps, and detection methods for security researchers.
This article examines how small configuration errors in Docker‑based CI pipelines, especially when using services like AWS CodeBuild and Docker‑in‑Docker, can expose severe security risks, demonstrates real‑world attack steps, and provides practical mitigation strategies to harden the build process.
This article provides a comprehensive collection of reverse‑shell techniques—including Perl, Bash, Python, PowerShell, Java, and protocol‑specific methods like ICMP, UDP, and DNS—complete with command‑line examples, code snippets, and practical tips for both Linux and Windows environments.
This article demonstrates how to use Python to copy a malicious executable to the %TEMP% directory, modify the Windows registry Run key for persistence, and establish a Base64‑encoded reverse shell that connects back to a hard‑coded attacker IP, illustrating common Windows malware techniques.
