Home
Node Security
Cancel

Modifying Source Code of JNLP Resources

This guide can be used when the goal is to modify the source code of the resource JARs used by a Java application that is launched via a JNLP file. The below guide assumes the application uses HTT...

Breaking out of Windows Environments

Collection of different things to try when attempting to breakout of a Windows environment such as Citrix, AWS AppStream, CyberArk PSM, etc. General Tips & Ideas Dialogs He...

External Information Gathering

Collection of tools, techniques, and payloads for external information gathering when performing an external security assessment. Subdomain Discovery & Enumeration Find Certifica...

General Encoder & Decoder

General encoder (and decoder) that can be used for various common encoding methods. Currently included decoding functions: Base64 HEX URL HTML ROT-N (1-25) Atbash String Reversal ...

Windows DNS & ARP

This page contains information and commands about viewing and clearing the DNS and ARP caches on Windows computers, as well as the hosts file. Hosts File DNS Cache (CMD) View DNS C...

Cryptographic Recommendation Summary

This post contains recommendation summaries for password security and cryptographic topics including password complexity & storage, hash functions, symmetric & asymmetric encryption, MACs, ...

Sequential Payload Generator

This tool generates a list of sequential payloads starting and ending at the specified numbers. These values can be arbitrarily large and outputted as integers, HEX values, or base64 encoded string...

XOR Encryption Cracker

This is a tool for breaking the encryption of messages that have been XOR encrypted using a repeated key. This method uses statistics (letter frequencies and use of common words, bigrams, and trigr...

Cracking WPA2-PSK with Hashcat

This post will cover how to crack Wi-Fi passwords (with Hashcat) from captured handshakes using a tool like airmon-ng. Install hcxtools Extract Hashes Crack with Hashcat Install hcxtools ...

Getting Started with airmon-ng

This post will show how to get started using aircrack-ng to discover wi-fi networks, capture handshakes, deauth clients, and crack passwords. Setup airmon-ng Install aircrack-ng Suit...

Cookies, Ports and Subdomains

This post will look at how browser cookies work when used on different subdomains and on different ports. Short Answer & Summary Cookie without Domain Attribute Same Domain Dif...

Interesting Algorithms

In this post we’ll look at some cool algorithms, methods & formulas that solve interesting problems. Fibonacci Sphere Example Code Sphere Projection UV...

Frida for iOS

Introductory guide on how to use Frida to analyse iOS applications at runtime to perform actions such as search for methods, hook methods, view & modify instructions, and view & modify regi...

Cryptography - Byte by Byte ECB Decryption

In this post we’ll cover how to attack an oracle function that encrypts user supplied data concatenated with an unknown string under ECB mode while using a constant but unknown key. This post will...

Cryptography - Breaking Repeating Key XOR Encryption

In this post we’ll cover how to decrypt messages that have been XOR encrypted using a repeated key, such as 84 d2 7a 09. The method we’ll be using to break the encryption uses statistics (letter fr...