Privia Security was chosen as one of Türkiye's fastest growing companies!

Read the News Read the News
TR EN
PRIVIA

The Power Behind Industry Leaders

Blog

If you need a strong, experienced and talented team, you are in the right place!

Featured Blog

Blog

2 October 2020

What Is the Zerologon Vulnerability?

In August 2020, a security vulnerability with the code CVE-2020-1472 was disclosed — one for which Microsoft had released a patch and which directly affects the Domain Controller machine in an Active Directory environment. The CVSS score of the vulnerability, named Zerologon, was stated as 10 out of 10. An attacker exploiting the Zerologon vulnerability […]

Read More
Example Blog

Blog

24 September 2020

In-Depth XSS Attack Techniques – Part 3

Once the XSS vulnerability has been understood at a fundamental level, what can be done using the XSS security vulnerability and what attackers can do on the target system in the event of a potential attack are described below. XSS via File Upload Users may be required to upload photos, files, or similar objects to […]

Read More
Example Blog

Blog

21 September 2020

PriviaHub Bead Machine Solution

This article describes the solution of the BEAD machine available on the PriviaHub platform. The write-up was prepared by the PriviaHub user “CEngover”. This machine, which is medium-3 level and runs the Ubuntu operating system, was shared specially for PriviaHub’s first anniversary. The solution steps for the machine are provided below. A scan of the […]

Read More
Example Blog

Blog

17 September 2020

In-Depth XSS Attack Techniques – Credential Capture

If a web page contains a Stored XSS vulnerability, attackers can use this vulnerability to obtain users’ credentials. An attacker who can trigger the XSS vulnerability can trick users into providing their credentials by embedding malicious code tailored to the website into the web page. A Stored XSS vulnerability can arise when user inputs are […]

Read More
Example Blog

Blog

15 September 2020

In-Depth Introduction to XSS Attack Techniques

Incorrect server-side and code-side configurations in dynamic websites can give rise to various types of vulnerabilities. Attackers can exploit these vulnerabilities to execute code on target systems, expose data, and carry out other attacks. One such security vulnerability is XSS (Cross-Site Scripting). An attacker who exploits an XSS vulnerability can steal the credentials of users […]

Read More
Example Blog

Blog

21 August 2020

iSMET (A)Symmetric Meterpreter Encryption Tool

For penetration tests we need many tools and we develop our own specialised tools. At the very top of this list, without exception, come the tools we use for “Malware Development” or, put another way, for “bypassing Anti-Malware products”. Cybersecurity is one of the fastest-evolving sectors. The cybersecurity sector, which is becoming deeper and more […]

Read More
Example Blog

Blog

6 July 2020

Using ETAG for Open Source Intelligence (OSINT)

Today’s business world continues to evolve towards technologies that have become increasingly complex structures, and where we are forced to deal with big data. Naturally, in order to protect and safeguard our assets we are obliged to use much more effective methods and to spend much more money and time. Of course, this situation can […]

Read More