Creating a Fake WhatsApp Message via SQLite: Understanding the Logic Behind the Manipulation
              2025-07-28
            
            In this article, we explore the technical mechanism behind adding a fake WhatsApp message directly into the msgstore.db SQLite database. This manipulation allows a message to appear as if it was sent by the other party, even though it was never actually transmitted.
            
            
              PDF malicious code injection and PDF dropper (ADOBE)
              2024-07-25 17:30:12
            
            PDF files are often considered static documents by most people. However, the PDF standard allows for the execution of JavaScript code within the document. This feature offers various attack vectors that can be used for Red Team tests and cybersecurity research. In this article, we will examine how to inject JavaScript into a PDF file to download a file from a specific URL and establish a Command and Control (C2) connection using this method.
            
            
              CVE-2024-7014 RETURN: UPDATED EVILLOADER
              2025-03-04
            
            This article examines a vulnerability scenario that mimics CVE-2024-7014, where an .htm file disguised as a video is sent via the Telegram API. The user expects a video, but instead HTML-based JavaScript code is executed.
            
            
              Matkap - hunt down malicious Telegram bots
              2025-02-22
            
            
            Matkap is a powerful tool designed to infiltrate and monitor Telegram bots by utilizing the Telegram Bot API and Telethon. It automates the process of capturing messages from malicious bots and forwarding them to your own account.
            
            
              CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File
              2025-03-18
            
            
              Technical Explanation of NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File
              When a specially crafted .library-ms file containing an SMB path is compressed within a RAR/ZIP archive and subsequently extracted, Windows Explorer automatically parses the contents of this file due to its built-in indexing and preview mechanism.