Hackercool Magazine is a beginner-focused ethical hacking magazine that simplifies real-world cyber attacks, red team thinking and cybersecurity concepts safely and legally. Designed for learners who want understanding, not hype.
Edition 8 Issue 1 Hello, aspiring ethical hackers and Red-team wannabes. Welcome to the New Year 2025. May this year bring you happening and success in abundance. We are happy to announce that beginning with this Issue, Hackercool Magazine has moved on to 8th edition after successfully completing 7 editions. This achievement wouldn’t have been possible without your help. Thanks for the interest you have shown in our magazine all year round. While reading the first issue in edition 8, you will notice some changes. Yes, we have made some changes to the design of our Issue. This is in response to many of our readers feedback saying that the magazine looks bland and mundane. So, we thought it is the best time to make our magazine more attractive to…
Threat actors around the world have been using SFX archives for dropping and loading malware. Most infamous of them being Gameradon APT and most recent being Gamacopy group. Therefore, it is very important to check the security of the organization in terms of employees falling for this tactic. In RedTeam hacking, SFX archives provide a simple and effective method to gain initial access on a target network when all other entries or initial access are blocked. So, in this month’s Issue of Hackercool Magazine, you will learn how to create SFX archives with 7Zip and WinRAR to drop payloads and gain access on a target network. What are SFX archives? SFX archives or self-extracting archives are computer executable programs that combine compressed data in an archive file with machine executable…
SonicWall’s Secure Mobile Access (SMA) appliances offer complete security for remote access to corporate resources hosted on-prem, in cloud and in hybrid datacenters. The SonicWall Secure Mobile Access is used by medium to large businesses. A new vulnerability has been detected in one of its SMA appliances. The vulnerability affects SonicWall SMA1000 Appliance’s Manager Console (AMC) and Central Management Console (CMC). About the vulnerability The vulnerability being tracked as CVE-2025-23006 is rated as critical with CVSS score of 9.8. It is vulnerability that can allow remote unauthenticated attackers to execute malicious OS commands on the appliance under specific conditions. The impacted SMA1000 models include, SMA6200, SMA6210, SMA7200, SMA721 0, SMA8200 v (ESX, KVM, Hyper-V, AWS, Azure) Ex6000, Ex7000 and Ex9000. The vulnerability doesn’t affect SMA100 series products. The vulnerability affects…
Hello, aspiring ethical hackers. In this month’s “Hacking Tool” feature, you will learn about an Remote Administration Tool (RAT) that allows you to control your devices on a browser. Spark is a free, safe, open-source cross platform and fully featured Remote Administration Tool (RAT) that allows you to control all the devices from a browser. Written in Go, it can be installed on Windows, Linux and Mac OS. Like any other RAT, this RAT too has two components server and client. Server works on the attacker’s system, while client should be sent to the target user. Let’s see how this tool works. For this tutorial, I am installing it on Kali Linux as it works as our attacker system. Our target system is Windows 10. To install the Spark server,…
Cacti is an open-source performance monitoring, network monitoring, fault and configuration management framework. Primarily used by Telco providers, network operation centers and web-hosting providers to display bandwidth statistics for their customers, Cacti allows a user to poll services at predetermined intervals and graph the resulting data. A vulnerability has been detected in Cacti recently. About the vulnerability The vulnerability tracked as CVE-2025-22604 and having a CVSS score of 9.1 of maximum 1 0 could allow an authenticated attacker to achieve remote code execution on vulnerable instances. The vulnerability is present in result parser of multi-line SNMP. It is present in how cacti processes SNMP responses. Here’s how the technicalities of this vulnerability work. The cacti-snmp-walk () function uses exec-into-away () function to process multi-line SNMP results in to an array.…
The latest version of Parrot security OS, Parrot Security 6.3 has been released recently. Let’s see what’s new in the latest release. Latest feature to be excited about The only feature that brings more excitement to penetration testers and ethical hackers while waiting for a new release of an ethical hacking distro is the addition of new tools. The latest release of Parrot OS has a few of them. The makers of this OS have added CAIDO tool to the latest release. CAIDO is a light weight web Security auditing tool. They have also added Seclistslite to this release. Apart from adding new tools they have also updated many of the powerful tools already present. These are Metasploit, Airgeddon, Neteexec, Maltego, Sqlmap, ZAP, Sherlock, Seclists, enum4linux, bloodhound, the harvester, Burpsuite…
