What's new around the internet

Date (GMT) | Title | Description | Tags
2020-10-15 18:22:44 | Forensic Investigation: Prefetch File | In this article, we are going to study an important artifact of Windows, i.e. prefetch files. Every time you do anything on your Windows system, a file is created. These files are called Prefetch files. Through this article, we will learn how these are important and why we need them. Table of Content: Introduction...
2020-10-14 14:54:47 | (Déjà vu) Maskcrafter: 1.1: Vulnhub Walkthrough | Introduction: Today we are going to crack this vulnerable machine called Maskcrafter: 1.1. It is created by evdaez. It is a simple Boot to root kind of challenge. We need to get root privilege on the machine and read the root flag to complete the challenge. Overall, it was an intermediate machine to crack. Download...
2020-10-13 16:31:01 | AlienVault: End user Devices Integration-Lab Setup (Part 2) | As logs never lie, it's very important to aggregate and analyze the internal and external network logs constantly so that you can prevent a breach or perform incident response on time. In the previous article, we looked at the configuration and installation of AlienVault OSSIM. The operating-system integration for AlienVault is based on Windows-centric for...
2020-10-12 15:17:10 | SIEM Lab Setup: AlienVault | AlienVault OSSIM is an Open Source Security Information and Event Management (SIEM) platform, which provides you with a feature-rich open source SIEM complete with event collection, normalization, and correlation. OSSIM is a unified platform which provides essential security capabilities like: Asset discovery, Vulnerability assessment, Host intrusion detection, Network intrusion detection, Behavioural monitoring, SIEM... | Vulnerability
2020-10-11 14:22:43 | Fast Incident Response and Data Collection | In this article, we will gather information utilizing the quick incident response tools which are recorded beneath. All these tools are a few of the greatest tools available freely online. Through these, you can enhance your Cyber Forensics skills. Table of Contents: Live Response Collection (Cedarpelta Build), CDIR (Cyber Defense Institute Incident Response) Collector, Fast IR Collector...
2020-10-11 13:44:38 | (Déjà vu) Tempus Fugit: 3 Vulnhub Walkthrough | Today we are going to solve another boot2root challenge called "Tempus: 3". It's available at VulnHub for penetration testing and you can download it from here. The merit of making this lab is due to @4nqr34z & @theart42. Let's start and learn how to break it down successfully. Level: Hard. Penetration Testing Methodology: Reconnaissance, Netdiscover...
2020-10-09 18:46:25 | Defense Evasion with obfuscated Empire | In this article, we will learn the technique of Defence Evasion using the PowerShell Empire. PowerShell Empire is one of my favourite Post Exploitation tools and it is an applaudable one at that. Table of Contents: Installation, Getting a session with Empire, Obfuscating with Empire. Installation: When evading all the target defences with Empire, it...
2020-10-08 09:25:55 | (Déjà vu) Insanity: 1 Vulnhub Walkthrough | Today we are going to solve another boot2root challenge called "Insanity: 1". It's available at VulnHub for penetration testing and you can download it from here. The merit of making this lab is due to Thomas Williams. Let's start and learn how to break it down successfully. Level: Hard. Penetration Testing Methodology: Reconnaissance, Netdiscover, Nmap...
2020-10-06 19:42:17 | Firefox for Pentester: Privacy and Protection Configurations | Introduction: This is the second article in the series "Firefox for Pentester". Previously we talked about how we can enhance Privacy and Protection in Firefox using various add-ons, and so in this article we will become competent to protect ourselves online through the configuration options that Firefox provides us. In comparison to other browsers,...
2020-10-05 18:58:51 | Panabee: 1: Vulnhub Walkthrough | Introduction: Today we are going to crack this vulnerable machine called Panabee: 1. It is created by ch4rm. He is available on Twitter by the handle aniqfakhrul. This is a Boot to root kind of challenge. We need to get root privileges on the machine and read the root flag to complete the challenge. Overall it...
2020-10-04 16:56:10 | Firefox for Pentester: Privacy and Protection Add-ons | In today's article, we will facilitate ourselves with the skill of protecting ourselves online. Firefox is a web browser developed by Mozilla. With its latest Quantum update, it provides us with improved speed and unique design. Firefox is an amazing web browser; it's user-friendly and customizable. When we talk about penetration testers or security...
2020-10-04 13:03:43 | VULS: An Agentless Vulnerability Scanner | VULS is an open-source agentless vulnerability scanner that is written in Go for Linux systems. For a server administrator, having to perform software updates and security vulnerability analysis daily can be a burden. VULS can be useful to automate vulnerability analysis and to avoid the burden of manually performing vulnerability analysis of... | Vulnerability
2020-10-03 14:17:14 | (Déjà vu) PowerGrid: 1.0.1 Vulnhub Walkthrough | Today we are going to solve another boot2root challenge called "PowerGrid: 1.0.1". It's available at VulnHub for penetration testing and you can download it from here. The merit of making this lab is due to Thomas Williams. Let's start and learn how to break it down successfully. Level: Hard. Penetration Testing Methodology: Reconnaissance, Netdiscover, Nmap...
2020-10-03 13:37:16 | Android Penetration Testing: Lab Setup | Does setting a password or biometric security really protect your phone? Or do these things only protect your mobile data from attackers? From this article, we'll learn how to set up a secure environment for a Mobile Application that includes Android penetration testing tools & Genymotion. Table of Content: Install Genymotion, Install Virtual...
2020-10-02 10:39:48 | (Déjà vu) Relevant: 1 Vulnhub Walkthrough | Today we are going to solve another boot2root challenge called "Relevant: 1". It's available at VulnHub for penetration testing and you can download it from here. The merit of making this lab is due to @iamv1nc3nt. Let's start and learn how to break it down successfully. Level: Intermediate. Penetration Testing Methodology: Reconnaissance, Netdiscover, Nmap, Enumeration...
2020-10-01 11:24:53 | HA: Narak: Vulnhub Walkthrough | Introduction: Today we are going to crack this vulnerable machine called HA: Narak. This is a Capture the Flag type of challenge. Overall, it was an Intermediate machine to crack. Download Lab from here. Penetration Testing Methodology: Network Scanning (Netdiscover, Nmap), Enumeration (Browsing HTTP Service, Directory Bruteforce), Exploitation (Exploiting PUT Vulnerability using cadaver), Post-Exploitation (Enumerating...) | Vulnerability
2020-09-26 10:15:32 | (Déjà vu) Durian: 1 Vulnhub Walkthrough | Today we are going to solve another boot2root challenge called "Durian: 1". It's available at VulnHub for penetration testing and you can download it from here. The merit of making this lab is due to SunCSR Team. Let's start and learn how to break it down successfully. Level: Hard. Penetration Testing Methodology: Reconnaissance, Netdiscover, Nmap...
2020-09-26 09:08:29 | Threat Hunting: Velociraptor for Endpoint Monitoring (Part 2) | In our previous article, we covered the Velociraptor master server setup with a brief demonstration of Velociraptor installation, GUI interface setup and some of the forensics artifacts. If you didn't read that, then don't worry; you can visit that article from here: Threat Hunting: Velociraptor for Endpoint Monitoring. Once done with a complete... | Threat
2020-09-24 11:41:14 | Digital Forensics: An Introduction (Part 2) | In the first part of this article, we have seen the Elements of a Digital Crime, Goals of Digital Forensic Investigation, Classification of Digital Forensics, Digital Evidence, Principles of Digital Forensics, Process of Forensic Investigation, Types of Tools, etc. (Digital Forensics: An Introduction). Table of Contents: Understanding the difference between E-Discovery & Digital Forensics, E-Discovery...
2020-09-22 15:17:56 | Nyx: 1: Vulnhub Walkthrough | Introduction: Today we are going to crack this vulnerable machine called Nyx: 1. It was created by 0xatom. You could contact him on Discord. This is a Capture the Flag type of challenge. It contains two flags: a user flag that is available from a limited level shell and a root flag that you have...
2020-09-22 09:03:43 | (Déjà vu) Cewlkid: 1 Vulnhub Walkthrough | Today we are going to solve another boot2root challenge called "Cewlkid: 1". It's available at VulnHub for penetration testing and you can download it from here. The merit of making this lab is due to @iamv1nc3nt. Let's start and learn how to break it down successfully. Level: Intermediate. Penetration Testing Methodology: Reconnaissance, Netdiscover, Nmap, Enumeration...
2020-09-21 07:40:47 | Mercury: Vulnhub Walkthrough | Introduction: Here is another vulnerable machine called Mercury. It is available on VulnHub. Let's move further towards this CTF challenge. There are two flags on the box: a user and a root flag, which include a hash. Download here. Level: Easy. Penetration Testing Methodologies: Scanning (Netdiscover, Nmap), Enumeration (Dirb, txt), Exploitation (SQL Injection using SQLmap)...
2020-09-20 09:43:49 | (Déjà vu) CengBox: 2: Vulnhub Walkthrough | Introduction: Today we are going to crack this vulnerable machine called CengBox: 2. It was created by Arslan Bilecen. This is a Capture the Flag type of challenge. It contains two flags that are accessible after gaining a limited session and root level privilege on the machine. It was an Intermediate level machine. Download...
2020-09-19 18:22:30 | Star Wars: 1 Vulnhub Walkthrough | Hi friends, today I am going to share a writeup for gaining root access on the VulnHub machine "star-wars-ctf-1". It contains one flag that is accessible after gaining root level privilege on the machine. It is developed by the Sir Logic team; the difficulty level of this machine is for beginners. Our goal is to gain root...
2020-09-19 17:04:18 | ShellDredd #1 Hannah Vulnhub Walkthrough | Today we will solve a new boot2root challenge named "ONSYSTEM: SHELLDREDD # 1 HANNAH". For penetration testing, it is available on VulnHub and we can download it from here. The credit goes to d4t4s3c for creating this lab. Let's start, and learn how to break it down successfully. Level: Easy. Penetration Testing Methodology: Network Scanning...
2020-09-19 16:42:00 | Healthcare: 1 Vulnhub Walkthrough | Today we are going to solve another boot2root challenge called "HEALTHCARE 1". It is developed to train students in the art of penetration testing. The credit for making this lab goes to v1n1v131r4, and the lab is available for download here: healthcare-1. This is an Intermediate level machine that hosts two flags: user.txt and root.txt. Penetration Testing Methodology: Reconnaissance...
2020-09-19 09:02:56 | (Déjà vu) Chili: 1 Vulnhub Walkthrough | Today we are going to solve another boot2root challenge called "Chili: 1". It's available at VulnHub for penetration testing and you can download it from here. The merit of making this lab is due to SunCSR Team. Let's start and learn how to break it down successfully. Level: Easy. Penetration Testing Methodology: Reconnaissance, Netdiscover, Nmap...
2020-09-18 08:25:53 | (Déjà vu) Tomato: 1 Vulnhub Walkthrough | Today we are going to solve another boot2root challenge called "Tomato: 1". It's available at VulnHub for penetration testing and you can download it from here. The merit of making this lab is due to SunCSR Team. Let's start and learn how to break it down successfully. Level: Intermediate. Penetration Testing Methodology: Reconnaissance, Netdiscover, Nmap...
2020-09-16 21:00:41 | Loly: 1 Vulnhub Walkthrough | Hello folks, in this article we are going to solve a Capture the Flag (CTF) challenge, LOLY:1 from Vulnhub; the URL for this CTF is https://vulnhub.com/entry/loly-1,538/. This CTF is posted by SunCSR Team and aimed at beginners, so let's get started... Table of Contents: Reconnaissance (Netdiscover, Nmap), Enumeration (Dirb for Directory Listing and...)
2020-09-15 11:09:39 | CryptoBank: 1: Vulnhub Walkthrough | Introduction: Today we are going to crack this vulnerable virtual machine called CryptoBank 1. It was created by emaragkos. This is a Capture the Flag type of challenge. It contains one flag that is accessible after gaining root level privilege on the machine. It was an Intermediate level machine. It made me think and work...
2020-09-14 11:57:11 | Docker for Pentester: Abusing Docker API | As you know, Docker services are booming, and Docker container attacks are also on the rise. This post will illustrate how an intruder tries to compromise the Docker API due to a weak setup. Table of Content: Docker architecture, Enable Docker API for Remote connection, Abusing Docker API. Docker Architecture: Docker uses a client-server...
2020-09-14 11:25:16 | Digital Forensics: An Introduction | Digital Forensics is the application of scientific methods in preserving, recovering, and investigating digital evidence in a digital crime scenario. It can be correctly defined as collection, examination, analysis, and documentation, using scientifically proven methods, to investigate a digital crime and present it before the court. Table of Contents: Elements of a Digital Crime...
2020-09-11 18:01:41 | Docker for Pentester: Image Vulnerability Assessment | We are moving from virtualization to containerization and we are all familiar with container services such as Docker or quay.io. You can pick a Docker image for a particular application by selecting from several choices. As you know, when a developer works with a container, it not only packs the program but is part of... | Vulnerability
2020-09-10 18:03:59 | Forensic Investigation: Preserve Time Stamp | As a Digital Forensic Investigator, you might understand how important it is to preserve timestamps of any evidence gathered at the scene of a crime. You will be on your toes to make sure that the timestamps of the original evidence are never altered at the time of acquisition. This is important as you have...
2020-09-09 10:05:58 | USB Forensics: Detection & Investigation | Universal Serial Bus flash drives, commonly known as USB flash drives, are the most common storage devices which can be found as evidence in a Digital Forensics Investigation. The digital forensic investigation involves following a defined procedure for investigation which needs to be performed in such a manner that the evidence isn't destroyed. So, let us...
2020-09-08 15:37:02 | SIEM: Windows Client Monitoring with Splunk | In our previous article, we covered the Splunk master server setup with a brief demonstration of Dashboard setup and Log monitoring; you can visit that article from here. Once done with a complete server setup, we need to focus on how to bring the logs from the network environment into Splunk for indexing. We...
2020-09-06 20:30:37 | Understanding the CSRF Vulnerability (A Beginner's Guide) | You always change your account's password whenever you desire, but what if your password is changed whenever the attacker wants, and without you being aware of it? Today in this article, we'll learn the basic concepts about CSRF attacks, or how an attacker forces the user to execute some unwanted actions... | Vulnerability
2020-09-03 17:03:12 | Data Exfiltration using Linux Binaries | Have you ever heard about your critical data being exported somewhere else without your knowledge? Data exfiltration is a method of breaching security and gaining illegal access to the data of a user's system or a server. Table of Contents: Introduction to Data exfiltration, Linux Binaries, Data exfiltration using Default Linux Binaries (/cancel, /wget...)
2020-09-02 18:35:53 | Incident Response: Windows Account Logon and Logon Events | When a user authenticates to a Windows endpoint, an Account Logon event is generated and recorded. These account logon events are recorded in the Security event log of the system which is responsible for authentication of the user. On accessing an account for a resource, a Logon event will be...
2020-09-01 19:43:43 | Threat Hunting: Velociraptor for Endpoint Monitoring | Velociraptor is a tool for collecting host-based state information using Velocidex Query Language (VQL) queries. To learn more about Velociraptor, read the documentation on https://www.velocidex.com/docs. Table of Content: Introduction to Velociraptor, Architecture, What is VQL, Prerequisites, Velociraptor Environment, Velociraptor installation, Addition of host, forensics investigation / Threat Hunting. Introduction to Velociraptor: Velociraptor is a free... | Tool Threat
2020-08-31 18:43:16 | Penetration Testing on CouchDB (5984) | What is CouchDB: CouchDB is a free and open-source fault-tolerant NoSQL database developed by the Apache Software Foundation. It uses JSON to store data, JavaScript as its query language, and it includes a RESTful API to transmit data over HTTP. CouchDB Features: CouchDB has a REST API, based on HTTP, which helps to communicate with the database...
2020-08-29 18:10:13 | (Déjà vu) Incident Response: Windows Account Management Event (Part 2) | For a system to perform well and ensure its maintenance, it is extremely important to monitor and manage events on a system. Event Logs are part of the Windows system, are created on a system, and can be checked locally or remotely at regular intervals by an administrator or any user. These logs...
2020-08-29 17:05:26 | (Déjà vu) Incident Response: Windows Account Management Event (Part 1) | For a system to perform well and ensure its maintenance, it is extremely important to monitor and manage events on a system. Event Logs are part of the Windows system, are created on a system, and can be checked locally or remotely at regular intervals by an administrator or any user. These logs...
2020-08-29 17:05:26 | Incident Response: Account Management Event (Part 1) | For a system to perform well and ensure its maintenance, it is extremely important to monitor and manage events on a system. Event Logs are part of the Windows system, are created on a system, and can be checked locally or remotely at regular intervals by an administrator or any user. These logs...
2020-08-27 11:12:09 | Firewall Lab Setup: Untangle | What is a Firewall? A firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and an untrusted external network, such as the Internet. (Wikipedia) Firewalls are also categorized as network firewalls and firewalls...
2020-08-26 17:42:29 | Defense Evasion: Alternate Data Streams | Alternate Data Stream is an artifact of the New Technology File System (NTFS) which was introduced by Windows. It was traditionally introduced so that it could provide compatibility for file sharing with the older Hierarchical File System (HFS) of Macintosh systems, where the data could be forked into different resources and to store additional data of...
2020-08-26 13:06:47 | SIEM: Log Monitoring Lab Setup with Splunk | Splunk Inc. is an American public multinational corporation based in San Francisco, California, that produces software for searching, monitoring, and analyzing machine-generated big data via a Web-style interface. Splunk (the product) captures, indexes, and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards, and visualizations. Table of Content: What is Splunk, Splunk Features, Splunk Architecture...
2020-08-25 17:34:41 | DMV :1 Vulnhub Walkthrough | CTFs are one of the best and probably the most fun ways to get hands-on pen testing experience. This one, in particular, is a great CTF from Vulnhub which uses aspects of web penetration testing like file upload attacks. We get a chance to capture the requests being made from the web application and exploit them...
2020-08-25 16:39:52 | Anti-Forensic: Swipe Footprint with Timestomp | In this article, we will learn how we can swipe our footprint after hacking the victim's system. We can achieve that with the help of the Timestomp feature provided by the Metasploit Framework. Let's understand the scenario: in this scenario, how a hacker can remove his footsteps in the victim system after the hack. So, that...
2020-08-23 16:39:43 | Credential Dumping: Fake Services | Have you ever heard about Fake Services? Credential dumping can be performed by exploiting open ports like ftp, telnet, smb, etc. to gain sensitive data like usernames and passwords. Table of Contents: Introduction, ftp, telnet, vnc, SMB, http_basic, Pop3, SMTP, Postgresql, MsSql, http_ntlm, MsSql. Introduction: In Metasploit, by making use of auxiliary modules, you can...
Last update at: 2024-04-26 03:07:53