Razz Security Blog

Just another cybersecurity blog

  • A Complex E-commerce Site in Just a Month?

    ,

    The Story: Imagine developing a full-scale e-commerce website within an incredibly tight timeframe. Sounds challenging, right? Not for our team at Razz Security! We recently tackled the project of building TenderFreshMeat.net, an online marketplace, and successfully delivered the complete platform in just 30 days. Here’s how we made it happen. Our client needed a fully…

  • Case Study: Securing a Custom ERP Web Application

    ,

    Background: A client in the education and training sector partnered with Razz Security IT Services LLP to perform a security-oriented source code review for their newly developed ERP web application. The objective was to identify and mitigate potential vulnerabilities before the application was deployed in a production environment. Review Timeline: Review Methodology: We used a…

  • How Cybercriminals Exploit Human Psychology & How to Defend Against It

    The Cost of a Simple Mistake It was a regular Monday morning at a financial firm in New York. Sarah, a senior accountant, received an email that appeared to be from her CFO. The subject line said: 🚨 URGENT: Immediate Wire Transfer Required 🚨 At first glance, the email seemed professional—it had the company logo,…

  • Kioptrix Level – 1 Walkthrough | Vulnhub

    This walkthrough covers Kioptrix Level 1 from VulnHub, which is a boot2root challenge. You can download the machine from VulnHub. It is the first machine in the Kioptrix series, and the objective of this challenge is to gain root privileges and find the root user’s email. So, let’s start with some enumeration to identify our…

  • Windows 7 Penetration Testing (MS17-010) – EternalBlue SMB Exploit #2

    MS17-010, also known as EternalBlue, is one of the most infamous vulnerabilities in the history of Windows operating systems. It was publicly disclosed in March 2017 and rapidly weaponized by attackers around the world. EternalBlue exploits a vulnerability in Microsoft’s SMBv1 protocol, allowing remote code execution on unpatched systems—without authentication. This vulnerability gained notoriety after…

  • Windows XP Penetration Testing (MS08-067) – SMB Exploit #1

    MS08-067 was a major disaster in the history of technology for companies and tech professionals everywhere. It was disclosed by Microsoft on October 23, 2008, as part of a critical security update (Security Bulletin MS08-067). In late 2008 and throughout 2009, multiple worms—most notably Conficker—emerged using MS08-067 to self-propagate and infect millions of systems globally….

Copyright © 2025 Razz Security Blogs