Blog Posts Tagged with "Tools"
Refresher Series - Capturing and cracking SMB hashes with Cain and Half-LM rainbow tables.
December 20, 2012 Added by:f8lerror
On to the fun stuff, to capture a hash we want to use the Metasploit capture SMB auxiliary module, which is located in auxiliary/server/capture/smb. Leave the default settings with the exception of the CAINPWFILE. Set this to output the file where ever you like...
Comments (0)
Group-IB: Banking trojan «Carberp» sales were reborn with bootkit module
December 17, 2012 Added by:Pierluigi Paganini
During the last week introduced you the excellent work done by the Group-IB, a security firm resident of the Moscow-based Skolkovo Foundation that has received a grant in the amount of 30m rubles (approximately $966,000) for the development of a global counter-cybercrime system named the CyberCop...
Comments (0)
The secrets of incorporating security into functional testing
November 11, 2012 Added by:Rafal Los
Whether you agree with that or not, my proposal is that with the right tools it can be done. More than just the right tools, with tools that appropriately match the use-case of the functional tester... so I've started collecting a list of things functional testers would require to add in the security...
Comments (0)
IP Analysis with AV Tracker
November 04, 2012 Added by:Rob Fuller
Ever set up a multi/handler and get an odd IP hitting it? You might have just been caught. AV Tracker is a site that tracks the different IP addresses, hostnames, computer names and user agents that AV and other submit-your-malware-here drop boxes use...
Comments (0)
Discover Who’s Tracking You Online with Collusion
October 22, 2012 Added by:Fergal Glynn
There are increasing concerns over tracking done by advertisers and website owners and recent legislation has shone a spotlight on the topic. Collusion is a great add-on for Firefox made by Mozilla that shows, in real time, how the data you share creates a spider-web of interaction between companies and other trackers...
Comments (2)
Ask The Experts: Favorite Security Tools
October 17, 2012 Added by:Brent Huston
Wireshark – Sharking the wires is one of my favorite things to do. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need...
Comments (1)
On the Lack of IT Readiness: The Security Edition
September 30, 2012 Added by:Rafal Los
Sticking to the basics wouldn't be such a bad thing in Security... if we had a clue on how to do the basics right. I know plenty of people who pentest all day every day and they'll be the first to tell you how easy it is to break in because defenses are so weak, if they exist at all...
Comments (0)
Analyzing Desktops, Heaps, and Ransomware with Volatility
September 24, 2012 Added by:Michael Ligh
This post discusses the undocumented windows kernel data structures for desktop objects and desktop heaps. You'll see how to use memory forensics to detect recent malware including the ACCDFISA ransomware and Tigger variants...
Comments (0)
Analyzing the KBeast Rootkit and Detecting Hidden Modules with Volatility
September 18, 2012 Added by:Andrew Case
KBeast is a rootkit that loads as a kernel module. It also has a userland component that provides remote access. This backdoor is hidden from other userland applications by the kernel module. KBeast also hides files, directories, and processes that start with a user defined prefix...
Comments (0)
Practical Packet Analysis
September 18, 2012 Added by:Jayson Wylie
This book details topics and features to help analyze traffic issues and identify potential problematic points to improve performance and verify the valid flow of common network communications that can help differentiate the good traffic from the bad...
Comments (1)
Recovering Login Sessions, Loaded Drivers, and Command History with Volatility
September 18, 2012 Added by:Michael Ligh
Learn about the undocumented windows kernel data structures related to RDP logon sessions, alternate process listings, and loaded drivers. See how Volatility can help you forensically reconstruct attacker command histories and full input/output console buffers...
Comments (0)
Analyzing the Average Coder Rootkit, Bash History, and Elevated Processes with Volatility
September 16, 2012 Added by:Andrew Case
This post showcases some of Volatility’s new Linux features by analyzing a popular Linux kernel rootkit named “Average Coder” and includes recovering .bash_history, finding userland processes elevated to root, and discovering overwritten file operation structure pointers...
Comments (0)
Metasploit Penetration Testing Cookbook
September 13, 2012 Added by:Philip Polstra
Singh provides an introduction to the widely used Metasploit framework in the form of seventy plus recipes for various penetration testing tasks, and goes beyond the basics of Metasploit and covers additional penetration testing tools such as various scanners and evasion tools...
Comments (0)
Raising Zombies in Windows: Passwords
September 13, 2012 Added by:Rob Fuller
List the tokens available with Incognito, your new user will be there, steal it and you're done. You now have the ability to user that account/domain token on any of the hosts you've compromised on the network, not just the ones they happen to have left themselves logged in...
Comments (0)
Terminal Services Attack Reductions Redux
September 10, 2012 Added by:Brent Huston
Our testing of the “rdp-sec-check” tool showed it to be quite useful in determining the configuration of exposed Terminal Services and in hardening them. Keep in mind, it is likely useful to harden the Terminal Services implementations internally to critical systems as well...
Comments (1)
Pentoo 2012: A Penetration Testers Distro of Gentoo Linux
September 09, 2012 Added by:Dan Dieterle
I’ve never seen Pentoo before, but couldn’t resist taking a peek. Basically Pentoo is Gentoo Linux with a bunch of security focused tweaks. I am married to Backtrack and am not interested in switching to another Linux Security Distro, but Pentoo looks enticing...
Comments (1)
- Privilege Escalation Flaws Impact Wacom Update Helper
- Answering Tough Questions About Network Metadata and Zeek
- Qakbot Trojan Updates Persistence, Evasion Mechanism
- Flaws in D-Link Cloud Camera Expose Video Streams
- SOAR: Doing More with Less
- Gaining Control of Security and Privacy to Protect IoT Data
- Growing Reliance on Digital Connectivity Amplifies Existing Risks, Creates New Ones
- How Microsegmentation Helps to Keep Your Network Security Watertight
- Through the Executive Lens: Prioritizing Application Security Vulnerabilities
- Next Generation Firewalls are Old News in the Cloud