Crack Faster, Hack Smarter: Custom Hashcat Module for Apache Shiro 1 SHA-512
Introduction During a recent assessment, we identified a server running Nexus Repository 3 that was vulnerable to CVE-2024–4956. This […]
Blog
Blog
EvilGophish’s Approach to Advanced Bot Detection with Cloudflare Turnstile
Introduction Bots pose a significant threat to the integrity of phishing infrastructure, primarily by automating detection and countermeasures that can
Blog
Weaponizing Windows Thread Pool APIs: Proxying DLL Loads Using I/O Completion Callbacks
In today’s blog, we are going to be covering the topic of proxying DLL loads using the Windows thread pool
Blog
Smishing with EvilGophish
Introduction to Smishing: Understanding SMS Phishing Tactics In the evolving landscape of cybersecurity threats, smishing—or SMS phishing—stands out as a
Blog
Stealing the Bank Vault Codes via Insecure Microsoft Default Settings
The blog is actually hosted here from the perspective of a colleague and myself.
Blog
Simple Thread Stack Spoofing in Assembly
A while ago I came across this technique for thread stack spoofing by Mariusz Banach. I wanted to see if I
Blog
QR Code Phishing with EvilGophish
In the evolving landscape of cybersecurity, adversaries are continually seeking innovative methods to bypass traditional security measures. One such method