Just Hacked On

Just Hacked On Hacking is a talent. You won't learn it at school.

Completed a hands-on lab analyzing a malicious browser extension. Below are the concise technical observations.URL obfus...
02/11/2025

Completed a hands-on lab analyzing a malicious browser extension. Below are the concise technical observations.

URL obfuscation: Base64 encoding.

Exfiltration vector: element (new Image() → src GET request`).

Sandbox/VM check (first trigger): navigator.plugins.length === 0.

Keystroke capture: document.addEventListener('keydown', ...) → event.key.

Encryption used: AES (CryptoJS.AES.encrypt) with IV; result base64-encoded.

Credential access: FormData API to read submitted username/email and password; uses window.location.hostname for context.

Takeaway
Simple but effective evasion and exfiltration techniques — great exercise in threat-hunting and chain-of-evidence extraction.

Steganography & RC4 Encryption – Hide Malware in PNG Like a Pro | Live Webinar | Team JustHackedOnEver wondered how hack...
10/08/2025

Steganography & RC4 Encryption – Hide Malware in PNG Like a Pro | Live Webinar | Team JustHackedOn

Ever wondered how hackers hide malicious code inside images? 📂🖼
Join our live webinar where we’ll explore Steganography and RC4 Encryption with IDAT Chunks – a real-world technique used in cyber attacks.

💡 What you’ll learn:

Steganography 🕵️‍♂️

Using IDAT chunks in PNG files for data hiding

RC4 encryption for securing hidden payloads

Real-world ethical hacking use cases

📅 Date: 13th August 2025
🕘 Time: 9:00 PM
📍 Hosted by Just Hacked On – Security Just an Illusion

🚀 Don’t miss this chance to level up your cybersecurity skills!

🛡️ Malware Analysis: Real-World Payload HuntingRecently, I analyzed a suspicious network indicator pointing to a potenti...
07/08/2025

🛡️ Malware Analysis: Real-World Payload Hunting

Recently, I analyzed a suspicious network indicator pointing to a potential loader

📌 Key Steps I Took:

Collected network artifacts (pcap/scripts)

Identified encoded PowerShell loaders and decoded them

Reconstructed the dropped .exe payload from hex strings inside the PowerShell script

Verified the SHA256 hash:

1eb7b02e18f67420f42b1d94e74f3b6289d92672a0fb1786c30c03d68e81d798

Uploaded the sample to VirusTotal to confirm it

Retrieved the Alibaba malware family label

📂 Outcome:
→ Discovered the sample used fileless techniques and persistent ex*****on via scheduled tasks and VBScript
→ Learned how .jpg extensions can be abused to bypass basic filters

🔍 This was a hands-on case study in:

Script deobfuscation

Payload reconstruction

Threat intelligence enrichment

🧠 Stay curious, analyze everything.

Pros and Cons of Using Hydra Tool 🛠️Evaluate Hydra tool use! Enjoy efficient testing and customizable options, but consi...
04/08/2025

Pros and Cons of Using Hydra Tool 🛠️

Evaluate Hydra tool use! Enjoy efficient testing and customizable options, but consider legal risks and ethical concerns. Perfect for cybersecurity pros! 🕵️‍♂️

Step-by-Step Web Login Brute Force with Hydra 🚪Follow the web login brute force process with Hydra! From specifying cred...
04/08/2025

Step-by-Step Web Login Brute Force with Hydra 🚪

Follow the web login brute force process with Hydra! From specifying credentials to executing the attack, enhance your security testing skills. Get started! 🔐

Explore Hydra’s Versatility in Pe*******on Testing 🌐Discover Hydra’s power in pe*******on testing across Telnet, FTP, SS...
03/08/2025

Explore Hydra’s Versatility in Pe*******on Testing 🌐

Discover Hydra’s power in pe*******on testing across Telnet, FTP, SSH, HTTP, RDP, and SMB! Boost your cybersecurity expertise with versatile tools. Dive in! 🛡️

Master Hydra Commands Configuration Guide 💻Learn to configure Hydra commands for single or multiple usernames and passwo...
03/08/2025

Master Hydra Commands Configuration Guide 💻

Learn to configure Hydra commands for single or multiple usernames and passwords! Enhance your pe*******on testing skills with this step-by-step guide. Start now! 🔧

Brute-Force vs. Manual Testing: Which is Better? 🔐Compare brute-force and manual testing for login security! Brute-force...
02/08/2025

Brute-Force vs. Manual Testing: Which is Better? 🔐

Compare brute-force and manual testing for login security! Brute-force is fast and parallel but detectable, while manual testing is slower yet less detectable. Choose wisely! 🛡️

Bypass Firewalls with Nmap Techniques 🔥Learn Nmap firewall bypass techniques like packet fragmentation, MAC spoofing, de...
02/08/2025

Bypass Firewalls with Nmap Techniques 🔥

Learn Nmap firewall bypass techniques like packet fragmentation, MAC spoofing, decoy IPs, and random padding! Strengthen your ethical hacking skills today. 🛡️

Address

Gujranwala, Punjab
Punjab
52250

Telephone

+923196904514

Website

Alerts

Be the first to know and let us send you an email when Just Hacked On posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Contact The Business

Send a message to Just Hacked On:

Shortcuts

Share