Home
About Us

Sign in

Featured

Build your Phishing-as-a-Service

Wake Up Your Power!

Nothing, Nguyễn Mạnh Cường, Minh Duong

14 Feb 2025 • 3 min read

This post is for subscribers only

Subscribe now

Already have an account? Sign in

Android Pentest Series: Double encrypt Mobile API (Not only AES but also RSA)

Breaking encrypted traffic with RSA and AES in Android application

12 Mar 2025 10 min read

Evilginx 102: Hacker’s Blueprint - Building the Ultimate Phishing Infra

In our previous post, Evilginx 101: Introduction to Modern Phishing & Adversary-in-the-Middle Attacks, we explored how Evilginx2 works as a powerful Adversary-in-the-middle (AitM) framework for phishing attacks. Now, let’s dive deeper into the attacker’s perspective and understand how to build an effective phishing infrastructure that can bypass multi-factor

08 Mar 2025 7 min read

Trigrep - Automated Security Scanning for Source Code with the Power of Semgrep and Trivy Integration

Understanding SAST and SCA * SAST (Static Application Security Testing): This technique analyzes source code, bytecode, or binary code for vulnerabilities without executing the application. It is useful for detecting security issues such as injection flaws, insecure coding practices, and hardcoded credentials. * SCA (Software Composition Analysis): SCA scans third-party dependencies and

15 Feb 2025 7 min read

TeamTonTac © 2025

Sign up

Powered by Ghost