Hello, World! In this article, we will dissect the most popular Python reverse shell one-liner that is used in ethical hacking to obtain remote command execution on a target machine. We will go through the one-liner, line-by-line, to understand how we can use built-in Python modules and how we manipulate Linux file descriptors to achieve remote access to a machine. Let’s do it!

This is the one-liner we will discuss:

And this is the prettified version of the one-liner above that will we refer to throughout this article:

The Reverse Shell

Establishing a Connection

The very first objective of this Python one-liner is to…

Hello, World! In this tutorial, you will learn how to create stored procedures in MySQL and then how to invoke these stored procedures using Python. SQL injection is by far one of the most dangerous vulnerabilities that a web application can have and is in fact ranked as the number one vulnerability in the OWASP Top 10 list under the category of Injection. Many of the breaches and data dumps that you often hear about in the news were possible because of a SQL injection flaw that existed in an application. …

Hello, World! In this article, I will demonstrate how you can use Python to create a simple file canary that sends an email to your Gmail account whenever a specified file is accessed. More specifically, in this tutorial, you’ll learn how to send emails and extract file information with Python and then use these capabilities to implement a simple file canary. Let’s get started by understanding what canaries are and how they are used in cybersecurity.

What are Canaries?

Back in the day, when coal mining was a widespread profession, coal miners would bring hundreds of canaries with them into coal mines. Because…

Hello, World! In this article, you will learn how to use the Go programming language to create a Phishing website. We will use Go’s built-in net/httppackage and the third-party gorilla/mux package for handling all of the necessary HTTP functionality. You will also learn how to use the wget command-line tool to clone a target website and also how to make the necessary modifications to the target website’s index file so that we can gather some credentials! Let’s get to it!

DISCLAIMER: do not use the information contained in this article for malicious purposes.

Cloning our Target Login Page

The target login page chosen for this…

Hello, World! In this article, I will demonstrate a proof of concept Python “virus” that infects other Python files with backdoor code. The Python script uses Python’s built-in socket module for creating a listener to connect to and Python’s built-in subprocess module for executing commands on the victim machine, while also establishing persistence by creating a cronjob to run the malware every day at 13:37 pm. The final Python script is included towards the end of this article. Let’s get started by understanding the most important part of any backdoor: establishing communications.

ATTENTION: Please do not use the Python script…

Hello, World! In this tutorial, you will learn how to use Python to interact with the Windows API and in particular how to access and manipulate the memory of a running process. I will begin by introducing some of the Windows API functions I’ll be using in the final Python script provided towards the end of this article. Let’s get started!

Windows API Functions for Process Manipulation

Although the Windows API functions we are about to use should work, depending on the antivirus solution being used, these functions can also be flagged as malicious because of how often they are used by malware to do exactly…

Hi! In this tutorial, I’ll show you how to access the Windows Registry with Python.

For this tutorial, we will not need to install any dependencies because Python has a module that we can utilize to achieve our goal, which will be introduced later. At the end of the article, an example Python script is provided that extracts potentially important forensic information from the Windows Registry. Let’s get to it!

What is the Windows Registry?

The Windows Registry is a tree-structured database that contains critical information for all users on a Windows operating system. There are several folders that make up the root of the…

Backdoor: “An undocumented way of gaining access to a computer system.”

Hello, Reader! In this article, I will give a high-level summary of FireEye’s detailed report on the SUNBURST malware — the malware used as the payload for the trojanized update that was rolled out for SolarWind’s Orion software. Before diving into the inner workings of the malware, let’s discuss how this malware was distributed to thousands of SolarWind’s Orion customers via a supply chain attack.

The SolarWind’s Supply Chain Attack

The hackers (currently being tracked as UNC2452 by FireEye) behind SolarWind’s supply chain attack compromised the update servers responsible for storing and distributing the…