This is a brief intro to automating recon through bash scripting. The example automates a set of nmap scans. We teach this and much more in our penetration testing and ethical hacking courses. This is on the list of my ideal skill-sets for penetration testing – so you can […]
This is a complete demo of a man-in-the-middle (MitM) attack.
There seems to be a large disconnect between what the average home user knows about security and what people are expected to know at work. One of the big threats that’s often overlooked is the security gap that exists when corporate employees are given VPN access and allowed to […]
Our first Interview is coming soon. Subscribe to the newsletter or RSS to be alerted of all new articles and interviews as they’re posted to the resources.infosecinstitute.com site.
As a person who’s committed to helping raise awareness in the security community as a whole, I’ve often found myself asking this question. While there are several issues that I think contribute to the state of information security today, I’m going to outline a few of the major […]
tree > directory.txt (writes a directory tree of the current directory to a text file named directory.txt)
tree /F > directory.txt (writes the directory tree plus all files and extensions in the current directory to a text file named directory.txt)
Use && between commands to run several in one line (chains the commands; each one runs only if the previous one succeeded).
tasklist | […]
This makes sure that the drive is unmounted. It may generate an error if the drive is not mounted, but that is fine.
mount -o rw,umask=000 /dev/sda1 /media/sda1
This mounts the drive read/write, while the umask=000 option (valid for filesystems such as vfat and ntfs that carry no Unix permissions of their own) allows all users to read, write, and execute files on the media.
CISM Chapter 2 – Information Risk Management (IRM)
IRM accounts for 22 percent of the CISM exam or about 44 questions. In 2010, ISACA reorganized the CISM Review Manual and separated each chapter into two major sections. Section 1 of each chapter contains the definitions and objectives with the corresponding […]
The grep utility, which allows files to be searched for strings and patterns, uses a syntax similar to the regular expression syntax of the vi, ex, ed, and sed editors. grep comes in three flavors, grep, fgrep, and egrep, all of which I’ll cover in this article.
The name grep is derived from the editor […]
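The three flavors side by side, as an added example that is not part of the original article: fgrep and egrep are the fixed-string and extended-regex variants of grep, invoked below as grep -F and grep -E because the fgrep/egrep wrapper scripts are deprecated on current GNU systems (the behaviour is the same). The log lines are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original article: grep, fgrep (grep -F) and
# egrep (grep -E) run over the same constructed input so the difference in
# how each reads the pattern is visible.

# Constructed sample lines (not real logs).
SAMPLE='Jan 10 sshd[123]: Failed password for root from 10.0.0.5 port 4122
Jan 10 sshd[124]: Accepted password for alice from 10.0.0.9 port 4123
Jan 10 kernel: device eth0 entered promiscuous mode
Jan 10 sshd[125]: Failed password for invalid user admin from 10.0.0.5 port 4130'

# fgrep / grep -F: the pattern is a literal string, so "sshd[123]" matches
# the bracketed PID instead of being read as a character class.
# "|| true" keeps the count printed when grep exits 1 for zero matches.
count_fixed() {
    printf '%s\n' "$SAMPLE" | grep -F -c -- "$1" || true
}

# grep: basic regular expressions. ".", "*" and "[...]" are operators;
# "+" and "|" are ordinary characters.
count_basic() {
    printf '%s\n' "$SAMPLE" | grep -c -- "$1" || true
}

# egrep / grep -E: extended regular expressions, where "+", "|", "?" and
# "(...)" are operators as well.
count_extended() {
    printf '%s\n' "$SAMPLE" | grep -E -c -- "$1" || true
}

# A practical use of -E: pull the unique source addresses of failed logins.
failed_sources() {
    printf '%s\n' "$SAMPLE" \
        | grep -F 'Failed password' \
        | grep -E -o 'from [0-9.]+' \
        | cut -d' ' -f2 | sort -u
}

# Stand-alone run:
echo "fixed    sshd[123]   -> $(count_fixed 'sshd[123]')"
echo "basic    sshd[123]   -> $(count_basic 'sshd[123]')"
echo "basic    root|alice  -> $(count_basic 'root|alice')"
echo "extended root|alice  -> $(count_extended 'root|alice')"
echo "failed logins came from: $(failed_sources)"
```

The same pattern string gives different counts in each flavor: a bracketed PID is found only by the fixed-string search, and alternation with | only by the extended one.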
Portions of the explanation below have been sourced from the DLL hijacking definition at MARAVIS.com and are used here with permission as a preface to the video above.
“Thanks for letting me know. I will be fine with a link to my post. You
don’t have to take it […]
How to start DHCP in Backtrack 4 pre-final
ifconfig eth0 up (or whatever your card is; eth0 is a common default. This brings up the interface you specify.)
/etc/init.d/networking start (this command starts networking as configured in /etc/network/interfaces and, for an interface set to dhcp, sends a DHCPDISCOVER broadcast out, usually on eth0)
Learn about common Mac OS X keyboard shortcuts. A keyboard shortcut is a way to invoke a function in Mac OS X by pressing a combination of keys on your keyboard.
To use a keyboard shortcut, or key combination, you press a modifier key with a character key. For example, […]
./msfcli | grep osx/ (lists only the OS X exploits)
./msfcli | grep windows/browser/ (lists only the Windows browser exploits)
rexploit (reloads the current exploit module and runs it again)
info <exploit name> (gives information about a specific exploit)
This tutorial will cover the process of writing an SEH based buffer overflow exploit for a known vulnerability in the Vulnserver application.
Vulnserver is a Windows server application that deliberately includes a number of exploitable buffer overflow vulnerabilities, and was designed to act as a target application to teach and […]
echo 1 > /proc/sys/net/ipv4/ip_forward enables IPv4 forwarding on BackTrack and other Linux distributions (until the next reboot; sysctl net.ipv4.ip_forward=1 does the same).
cut -d" " -f2 > new (cuts an nmap grepable scan file down to just the IP addresses. The grepable file looks like this:
Host: 192.168.0.1 () Ports: 139/open/tcp//netbios-ssn///
Host: 192.168.0.3 () Ports: 139/open/tcp//netbios-ssn///
We’re using a space as the delimiter, -d" ", and […]
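The cut tip above and the bash recon automation from the first post share one step: turning nmap's grepable (-oG) output into lists a script can act on. As an added example that is not part of either original post, the script below goes from "just the IP" to "which ports are open on which host". The scan excerpt is constructed in the -oG format, including the Status: lines and trailing "Ignored State:" summary nmap writes with -v, and the recon() driver at the end assumes nmap is installed and that you are authorised to scan the target.

```shell
#!/bin/sh
# Added example, not from the original posts: parsers for nmap -oG output
# of the kind a bash recon script runs after the scan. The parsing
# functions read the grepable file on stdin.

# Constructed -oG excerpt standing in for a real scan file. With -v nmap
# also emits "Status:" lines and down hosts, so a bare cut -f2 would
# repeat addresses and include hosts that never answered.
GNMAP='# Nmap scan initiated as: nmap -sS -v -oG scan.gnmap 192.168.0.0/29
Host: 192.168.0.1 () Status: Up
Host: 192.168.0.1 () Ports: 139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds/// Ignored State: closed (998)
Host: 192.168.0.2 () Status: Down
Host: 192.168.0.3 () Status: Up
Host: 192.168.0.3 () Ports: 22/open/tcp//ssh///, 139/open/tcp//netbios-ssn///, 3389/filtered/tcp//ms-wbt-server/// Ignored State: closed (997)
# Nmap done -- 8 IP addresses (2 hosts up) scanned'

# Live hosts only: the cut -d" " -f2 from the tip, applied after dropping
# comment lines and hosts reported Down; sort -u folds Status/Ports pairs.
live_hosts() {
    grep '^Host:' | grep -v 'Status: Down' | cut -d' ' -f2 | sort -u
}

# One "ip port/proto" line per open port. Each Ports: entry has the form
# port/state/proto/owner/service/rpcinfo/version and entries are ", "
# separated; filtered and closed ports are skipped.
open_ports() {
    awk '
        /^Host:/ && /Ports:/ {
            ip = $2
            sub(/.*Ports: /, "")                 # keep the port list only
            sub(/[ \t]Ignored State:.*/, "")     # drop the trailing summary
            n = split($0, entry, ", ")
            for (i = 1; i <= n; i++) {
                split(entry[i], f, "/")
                if (f[2] == "open") print ip, f[1] "/" f[3]
            }
        }'
}

# Driver for real use (assumption: nmap present, root for -sS, and an
# authorised target). Scans, saves the grepable file, then parses it.
recon() {
    target=$1
    out=${2:-scan.gnmap}
    nmap -sS -oG "$out" "$target" >/dev/null || return 1
    echo "live hosts:";  live_hosts < "$out"
    echo "open ports:";  open_ports < "$out"
}

# Offline run on the constructed excerpt:
echo "live hosts:";  printf '%s\n' "$GNMAP" | live_hosts
echo "open ports:";  printf '%s\n' "$GNMAP" | open_ports
```

Because the functions read stdin, the same parsing works on a saved file (live_hosts < scan.gnmap) or piped straight from nmap -oG -, which is what lets a longer script feed each live host into a follow-up scan.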
Description: A bug in Chinese video streaming software leads to mass open proxies on the web.
A security blogger has uncovered a flaw in the Chinese PPLive video streaming software. A new port, TCP port 9415, was appearing regularly on websites that list open proxies. Most of these open proxies were based […]
Description: Parsing the OWASP Top Ten with a closer look at Cross-Site Request Forgery (CSRF)
Our discussion of OWASP Top 10 Tools and Tactics garnered enough interest to warrant a closer look at each vulnerability as a separate entity with a specific example for deeper analysis. Forgive me in advance […]
CISM Domain 1 – Information Security Governance (ISG)
ISG accounts for 23 percent of the CISM exam or about 46 questions. In 2010, ISACA reorganized the CISM Review Manual and separated each chapter into two major sections. Section 1 of each chapter contains the definitions and objectives with the corresponding […]
In this final article in this series, we will describe the process of loading the bootkit previously discussed in “TDSS part 1: the x64 Dollar Question” and “TDSS part 2: Ifs and Bots”. First of all we explain briefly how the normal boot process is handled on different systems, […]
In our previous Infosec Institute article, “TDSS part 1: the x64 Dollar Question”, we looked at the distribution and installation mechanisms used by TDL4. For the second part of the series, we look in more depth at the internals of the malware, starting with the user-mode implementation of the […]