Just a preliminary word for the HZV team.
HZV is an non-profit organization.
HZV only is able to produce leHACK because of the support of adherent members and hard benevolent work from the team.
If you're interested in supporting HZV, you can...
MORE ↦In the fall of 2017, in response to the WannaCry outbreak, Microsoft implemented Ransomware Protection in Windows 10 as a countermeasure. The basis of the ransomware protection is Controlled Folder Access, but this feature is full of holes and many...
MORE ↦Today most of serious mobile applications relay on industrial-grade software protection tools to detect and slow down reverse engineering. It forces attackers to waste a precious time bypassing obfuscation and RASP before deep diving into app speci...
MORE ↦Demonstrate different kind of structures in the binaries as a PE (header and your sessions) , ELF (header and your sessions), PDF(header/ body/cross-reference table/trailer), explaining how each session works within a binary, what are the technique...
MORE ↦Organizations are increasingly relying on cloud services from Azure, as there is native support from Microsoft. After obtaining Domain Admin privileges, it is essential to always think of attack paths or scenarios to escalate our privileges or desc...
MORE ↦More to come.
A "notorious hacker" by FOX25 Boston, "World Class Hacker" by National Geographic Breakthrough Series and described as a "paunchy hacker" by Rolling Stone Magazine. He however prefers if people refer to him s...
MORE ↦Sous Windows, l'authentification est gérée par le processus Lsass. La plupart du temps lorsqu'un attaquant compromet une machine il va tenter de dumper la RAM du processus LSASS dans le but d'en extraire les secrets d'authentification présents. Il...
MORE ↦│║ SAP Focused Run is the brand new product in the SAP world. Introduced in │║ 2020 it is the replacement of the current well known SAP Solution Manager. │║ It is a dedicated type of SAP System to manage all others in the company │║ landscape....
MORE ↦In today's world, we have a modern and stable web application framework to develop on. That is already so much secured from the attacks, regardless of the OS. If you design the system properly, attacker cannot injection the system. Or attacker cann...
MORE ↦Qu'est-ce que l'environnement ICS ? Protocoles différents des protocoles "traditionnels", souvent hérité de communication "bus" non IP Équipements différents : Automates, Convertisseur IP/Série, Capteurs etc... Une maturité cyber très variable Pour...
MORE ↦The talk revolves around one of the most extreme Red team exercises us hackers ever did wherein the target was a billion-dollar pharmaceutical company dealing in all sorts of modern medicine. We were mandated to showcase control of the CROWN JEWELs...
MORE ↦Les service de domaine Active Directory offrent un enchevêtrement de mécanismes et protocoles complexes, dont la délégation Kerberos. Les délégations Kerberos permettent à des services d'obtenir l'accès à des ressources du domaine en tant qu'un aut...
MORE ↦Avoir un shell root sur un équipement connecté via l'exploitation d'une ou de plusieurs vulnérabilités semble être le Graal de tout chercheur en sécurité, qui de fait considère la sécurité du système comme étant complètement réduite à néant une foi...
MORE ↦Créer des comptes sur les réseaux sociaux de manière anonyme et peu coûteuse a toujours été compliqué, au vue du nombre de sécurités mises en place.
Le besoin est pourtant bien présent pour les red teams, investigations osint ou des hacktivistes....
MORE ↦Passwords should be long enough, complex enough, and unique to each site. Unfortunately, our memory is limited and we cannot remember such passwords. This is where password manager come into play. The basis of password manager is that it centrally...
MORE ↦Plusieurs fois par an, ZDI organise un concours appelé Pwn2Own dans lequel des chercheurs en sécurité doivent prendre le contrôle de matériel et logiciel grand public. Cette conférence explique la démarche utilisée par Mitsurugi et xarkes lors de c...
MORE ↦In today modern network, many technologies used to bring a high rate and stable communication between end users. Network infrastructure is heart of communication, which include all nodes and passing traffic. Therefore, it is vital to protect infras...
MORE ↦In this talk, we will try to get a basic understanding of Prototype Pollution: A type of vulnerability that allows attackers to exploit the rules of the JavaScript programming language and compromise applications in various ways. So, how does this...
MORE ↦A talk by Alexandre {MrJack} Triffault // Jean-Christophe {VidoQ} Cuniasse
Les films laissent souvent penser qu'on ouvre un Coffre Fort en écoutant les clics, mais en réalité le plus souvent, c'est à l'oeil et au toucher que le travail se fait.
... MORE ↦What we perceive sometimes to be happening sometimes can be the opposite of what is occurring. We are not talking about magic tricks. Just how as humans we tend to see things we expect to see. Like an unknown person in your office with a clipboard...
MORE ↦Malware continues to advance in sophistication and prevalence. Well-engineered malware can obfuscate itself from the user, network, and even the operating system running host-based security applications. But one place malware cannot easily hide its...
MORE ↦
