Items Tagged with "Tools"



Refresher Series - Capturing and cracking SMB hashes with Cain and Half-LM rainbow tables.

December 20, 2012 Added by: f8lerror

On to the fun stuff, to capture a hash we want to use the Metasploit capture SMB auxiliary module, which is located in auxiliary/server/capture/smb. Leave the default settings with the exception of the CAINPWFILE. Set this to output the file wherever you like...


Group-IB: Banking trojan «Carberp» sales were reborn with bootkit module

December 17, 2012 Added by: Pierluigi Paganini

During the last week I introduced you to the excellent work done by the Group-IB, a security firm resident of the Moscow-based Skolkovo Foundation that has received a grant in the amount of 30m rubles (approximately $966,000) for the development of a global counter-cybercrime system named the CyberCop...


The secrets of incorporating security into functional testing

November 11, 2012 Added by: Rafal Los

Whether you agree with that or not, my proposal is that with the right tools it can be done. More than just the right tools, with tools that appropriately match the use-case of the functional tester... so I've started collecting a list of things functional testers would require to add in the security...


IP Analysis with AV Tracker

November 04, 2012 Added by: Rob Fuller

Ever set up a multi/handler and get an odd IP hitting it? You might have just been caught. AV Tracker is a site that tracks the different IP addresses, hostnames, computer names and user agents that AV and other submit-your-malware-here drop boxes use...


Discover Who’s Tracking You Online with Collusion

October 22, 2012 Added by: Fergal Glynn

There are increasing concerns over tracking done by advertisers and website owners and recent legislation has shone a spotlight on the topic. Collusion is a great add-on for Firefox made by Mozilla that shows, in real time, how the data you share creates a spider-web of interaction between companies and other trackers...


Ask The Experts: Favorite Security Tools

October 17, 2012 Added by: Brent Huston

Wireshark – Sharking the wires is one of my favorite things to do. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need...


On the Lack of IT Readiness: The Security Edition

September 30, 2012 Added by: Rafal Los

Sticking to the basics wouldn't be such a bad thing in Security... if we had a clue on how to do the basics right. I know plenty of people who pentest all day every day and they'll be the first to tell you how easy it is to break in because defenses are so weak, if they exist at all...


Analyzing Desktops, Heaps, and Ransomware with Volatility

September 24, 2012 Added by: Michael Ligh

This post discusses the undocumented Windows kernel data structures for desktop objects and desktop heaps. You'll see how to use memory forensics to detect recent malware including the ACCDFISA ransomware and Tigger variants...


Analyzing the KBeast Rootkit and Detecting Hidden Modules with Volatility

September 18, 2012 Added by: Andrew Case

KBeast is a rootkit that loads as a kernel module. It also has a userland component that provides remote access. This backdoor is hidden from other userland applications by the kernel module. KBeast also hides files, directories, and processes that start with a user defined prefix...


Practical Packet Analysis

September 18, 2012 Added by: Jayson Wylie

This book details topics and features to help analyze traffic issues and identify potential problematic points to improve performance and verify the valid flow of common network communications that can help differentiate the good traffic from the bad...


Recovering Login Sessions, Loaded Drivers, and Command History with Volatility

September 18, 2012 Added by: Michael Ligh

Learn about the undocumented Windows kernel data structures related to RDP logon sessions, alternate process listings, and loaded drivers. See how Volatility can help you forensically reconstruct attacker command histories and full input/output console buffers...


Analyzing the Average Coder Rootkit, Bash History, and Elevated Processes with Volatility

September 16, 2012 Added by: Andrew Case

This post showcases some of Volatility’s new Linux features by analyzing a popular Linux kernel rootkit named “Average Coder” and includes recovering .bash_history, finding userland processes elevated to root, and discovering overwritten file operation structure pointers...


Metasploit Penetration Testing Cookbook

September 13, 2012 Added by: Philip Polstra

Singh provides an introduction to the widely used Metasploit framework in the form of seventy plus recipes for various penetration testing tasks, and goes beyond the basics of Metasploit and covers additional penetration testing tools such as various scanners and evasion tools...


Raising Zombies in Windows: Passwords

September 13, 2012 Added by: Rob Fuller

List the tokens available with Incognito, your new user will be there, steal it and you're done. You now have the ability to use that account/domain token on any of the hosts you've compromised on the network, not just the ones they happen to have left themselves logged in...


Terminal Services Attack Reductions Redux

September 10, 2012 Added by: Brent Huston

Our testing of the “rdp-sec-check” tool showed it to be quite useful in determining the configuration of exposed Terminal Services and in hardening them. Keep in mind, it is likely useful to harden the Terminal Services implementations internally to critical systems as well...


Pentoo 2012: A Penetration Testers Distro of Gentoo Linux

September 09, 2012 Added by: Dan Dieterle

I’ve never seen Pentoo before, but couldn’t resist taking a peek. Basically Pentoo is Gentoo Linux with a bunch of security focused tweaks. I am married to Backtrack and am not interested in switching to another Linux Security Distro, but Pentoo looks enticing...
