Shimit is a Python-based tool that facilitates the execution of the Golden SAML attack. This attack method allows an adversary to forge SAMLResponse objects, which are then used to bypass authentication and gain unauthorized access to applications relying on SAML for single sign-on. By crafting a signed SAMLResponse, attackers can impersonate any user and achieve Read More …
Category: Computers
SSTI – Server-Side Template Injection
One vulnerability in the world of web development to be aware of is Server-Side Template Injection. This type of vulnerability can have serious implications for web applications and services, especially those that serve mobile applications. What is SSTI? Server-Side Template Injection occurs when an attacker is able to inject malicious code into a template on Read More …
Tool Overview :: DNSDumpster
DNSDumpster is a free, web-based domain research and reconnaissance tool used to discover an organization’s internet-facing assets. In information security, it is categorized as a passive reconnaissance tool, meaning it gathers information from existing public records without directly interacting with the target’s servers. For a new security professional, it serves as an essential utility for Read More …
SCP – Service Control Policies
Service Control Policies are a feature of AWS Organizations that allow administrators to manage permissions across multiple AWS accounts in a centralized manner. SCPs provide a way to define the maximum available permissions for accounts within an organization, ensuring that security and compliance requirements are met while allowing flexibility in resource management. Organizations can enforce Read More …
Tools – validin-phish-feed
The validin-phish-feed is a GitHub repository that provides a feed of phishing domains, curated by the Validin Threat Intelligence Platform. Validin is a company that specializes in internet intelligence, offering services for threat hunting, brand protection, and incident response. Their platform aggregates and analyzes vast amounts of DNS data, host responses, certificates, registration data, and Read More …
Tool Overview :: altdns
While tools like subfinder or amass are excellent for finding known subdomains through public records, they often miss “hidden” environments like development servers or internal staging areas. This is where altdns becomes an essential part of the security toolkit. What is Altdns? Altdns is an open-source DNS reconnaissance tool designed to discover subdomains that follow Read More …
RDP – Remote Desktop Protocol
Remote Desktop Protocol is a proprietary protocol developed by Microsoft that allows users to connect to and control or manage a computer remotely over a network connection. RDP is commonly used in Windows environments, enabling users to access their desktops, applications, and files from anywhere, as long as they have a network connection. This technology Read More …
PQC – Post-Quantum Cryptography
The Quantum Clock is Ticking Most of our digital security rests on a mathematical “hard problem”: factoring massive prime numbers. For a classical computer, this task is like trying to find a specific grain of sand on a beach; it’s technically possible, but it would take longer than the age of the universe. However, a Read More …
SSH – Secure Shell
SSH, or Secure Shell, is a network protocol that allows users to securely access and manage devices over a network. It is widely used for remote administration of servers and network devices. SSH provides a secure channel over an unsecured network by using encryption, which protects the data being transmitted from eavesdropping and tampering. Key Read More …
Tool Overview :: subfinder
In our journey through DNS discovery, we’ve used active tools like dnsrecon and dnsenum that directly “touch” a target’s infrastructure. While effective, active probing can be noisy. To stay under the radar while gathering a massive footprint, we turn to subfinder. As of 2026, subfinder remains the gold standard for passive subdomain discovery. Developed by the Read More …