Blog

How to detect filtered (and opened) outgoing ports on a network?

Sysadmin Offensive Security

Sometimes you want to access services running on unusual ports, like a SSH server running on port 2222 for example. If connection fails, how can we detect the outgoing ports that are filtered or open on the network?

Read
Cyber Summer School

News

Our colleagues from the Cyber Command of Belgian Defense organize a Cyber Summer School. This training will give you the opportunity to spend five days with our cyber experts and to improve your cyber skills. And of course, they also have social activities planned to occupy your evenings!

Read
Whisper: Speech-to-Text AI

AI Python Tools

For a few months, many new AI tools are released every week (if not every day). This AI model trend began with models able to generate images from a text prompt: MidJourney, Stable Diffusion, and DALL-E for example.

Read
We are looking for (another) new colleague!

News Jobs

We are currently hiring a Researcher in Cybersecurity to work on the project SLATE - Self Learning Attack surface Explorer.

Read
Install and use Python on Windows with Anaconda

Python Windows

Today a lot of tools and scripts are written in Python (or in Go, let's be honest). If you want to run these on your Windows computer, well you'll have to install Python. But between the different versions, the libraries, and managing the PATH, the task can be quite of a challenge! In this blog post we show how Anaconda can help...

Read
We are looking for a new colleague!

News Jobs

We are currently hiring a Researcher in Cyberdefense to work on the project Using blockchain to secure the software supply chain.

Read
Adv-Bot: Realistic Adversarial Botnet Attacks against Network Intrusion Detection Systems

Publication Offensive Security

Due to the numerous advantages of machine learning (ML) algorithms, many applications now incorporate them. However, many studies in the field of image classification have shown that MLs can be fooled by a variety of adversarial attacks. This raises many questions in the cybersecurity field, where a growing number of researchers are recently investigating the feasibility of such attacks against machine learning-based security systems, such as intrusion detection systems.

Read
Cyber Security Challenge : Congrats!!

CSC News

Congratulations to the team Royal Military Hackademy who won the Cyber Security Challenge 2023!

Read
SQLMap : additional techniques

Offensive Security Cylab Play

In a previous blog post, we have explained what SQL injection is, and how to exploit it using sqlmap. In this blog post, we will show some additional techniques: how to exploit web applications that use clean URLs, how to exploit a POSTed form, how to hide traces etc.

Read
Cyber Security Challenge : Qualifiers

CSC News

The qualifiers of the Cyber Security Challenge 2023 took place last week-end. Congratulations to the teams from the Royal Military Academy and the Université Libre de Bruxelles who ranked 1st, 4th and 5th, out of almost 300 participating teams!

Read
Fully customizable emails using Laravel 9

PHP Laravel Cyber-Wise

With the release of Laravel 9, the Swift Mailer (that is no longer maintained) has been replaced by the Symfony Mailer. You can already find some useful information about this change along all the other ones in the Upgrade Guide from Laravel 8.x to 9.0. However this guide does not contain enough information if you want to send fully customized emails. This blog post proposes you a solution coming directly from the Symfony documentation!

Read
Web shells and the dangers of unrestricted file upload

Cylab Play Offensive Security

In previous blog posts, we have already illustrated two web application vulnerabilities: brute force login cracking and SQL injection. In this post we illustrate a 3rd vulnerability, unrestricted file upload, and show how it can be exploited using a web shell.

Read