Category Archives: Hacking

Hacking

Safer Internet Day 2020

February 11 is Safer Internet Day, and this year’s theme is “Together for a better internet”. Safer Internet Day is celebrated globally to promote the safe and positive use of digital technology for children and young people and to inspire a national conversation. Subsequent to our review of Data Breaches in 2019, we are […]...
Hacking, Malware, Threat Intelligence

Emotet Malspam Q4, 2019 campaign.

From late November 2019 until now (9th December, 2019), the NaijaSecForce team has detected a surge in Emotet spam campaigns targeting corporate mailboxes within Africa and globally. Emotet is not new; it was first recorded in 2014. Emotet is an extremely sophisticated and destructive banking Trojan used to download and install other malware. ...
EDR, Hacking, Red Teaming

Winning Your ‘Arguments’ with EDRs.

A recent client engagement had me thinking about ways to evade security tools that rely heavily on command line arguments. During a red team task, I wanted to dump the SAM database of the victim’s system, but I knew that commands such as “reg save HKLM\SAM SAM” would easily be caught by the installed EDR. […]...
Hacking, Red Teaming

Red Teaming with Covenant and Donut

Overview: Red Teaming has rapidly transitioned from Living off the Land (LotL) to Bringing Your Own Land (BYOL). It is now possible to execute .NET assemblies entirely within memory. By developing custom C#-based assemblies, attackers no longer need to rely on the tools present on the target system; they can instead write and deliver their […]...
Hacking, Malware

Pyrogenic – The JAR-Based Malware Spreading Across Africa and the Middle East

Time Frame: 3rd November, 2019 – Current. Overview: The NaijaSecForce team has detected a new wave of malware spreading across Africa and the Middle East. This malware comes in the form of a spam campaign targeting corporate mailboxes within Africa and the Middle East. We started receiving reports of this malware campaign on the 3rd of […]...
Forensics, Hacking

THE USB TRAIL: ANTI-FORENSICS AND ANTI-ANTI-FORENSICS BITTER ROMANCE

This article was written for eForensics Magazine. USB Mass Storage devices come in several small sizes and can be used as attack tools against any group or organization. To this effect, researchers from Ben-Gurion University in Israel have discovered 29 ways USB devices can be used to attack and compromise computer systems. Likewise, the Insider Threat […]...
Hacking, Reverse Shell

There is a shell in your lunch-box

My team was recently engaged by a client (HackMe) to perform a black-box external penetration test. The objective was simple – see how susceptible the organization is from an external point of view and test the effectiveness of the security controls that are managed enterprise-wide. As such, aside from the company name, we were given “ZERO” […]...