Where has all the Malware gone? 2015 has been the year of a series of major downtrends in malware infections. The largest contributor to the decline of infections is based on a few significant factors. The heyday of exploit kits and Java 0-days seems to be at an all-time low for the … Read more Where has all the Malware gone?
SSDP Distributed Reflection Denial of Service attacks are on the rise and may be the biggest threat right now. SSDP attacks do not have the biggest amplification factor, but they may have the most vulnerable systems to abuse in a reflection attack. Open source reports indicate that there are over 5 million vulnerable systems … Read more SSDP Distributed Reflection Denial of Service (DrDoS) Attacks may be biggest threat – Traffic Sample & Snort Rule
If it’s not possible to add a new account / SSH key / .rhosts file and just log in, your next step is likely to be either throwing back a reverse shell or binding a shell to a TCP port. This page deals with the former. Your options for creating a reverse shell are limited … Read more Penetration Testing Red Team Reverse Shell Cheat Sheet
Be careful, it might not all be malware; adware, PUPs and innocuous traffic are in play. Download PCAP : netstream VM executables used will be included in the next post. 2016-08-25 20:40:37.831293 IP 192.168.1.102.51776 > 188.8.131.52.80: Flags [P.], seq 0:267, ack 1, win 256, length 267: HTTP: GET /cgi-bin/get_protect.cgi?checking=true&version=gmsd_us_233&forceGEO=US HTTP/1.1 E..3?…..~^…f%….@.P.._.p?..P…^…GET /cgi-bin/get_protect.cgi?checking=true&version=gmsd_us_233&forceGEO=US HTTP/1.1 Content-Type: application/x-www-form-urlencoded … Read more Malware PCAP Traffic Analysis – Can you name the different types of malware?
Watch this hacker find an unsuspecting target – A PRINTER! and compromise it using the web admin portal and load tools onto the printer to further compromise printers and use a DDoS tool from the printer. Most assessments that I have been on and through consulting I have made it a priority to print a … Read more Are your printers secure? Cyber Security Video how Hackers are hacking Printers and Backdooring them
Here are some simple command line tricks to help while doing recon on your target network/host. A simple way to automatically resolve domain names; it can be used with a for loop to resolve a massive list of domain names, and you can also add a cronjob and create an .out file if you want to track … Read more Penetration Testing Reconnaissance Command Line Tricks Dig, Mass Domain Resolution, Ping Sweeping
Network Pivoting using SSH tunneling and forwarding: Is Microsoft Network Monitor installed? If so, depending on which version, you may have to run netmon, netcap, or nmcap, each of which has slightly different features and syntax. For example, if Network Monitor 3 is installed and running, you could execute the following command at a shell prompt: C:\> … Read more Cheat Sheet How to pass the OSCP Offensive Security Certified Professional Exam Step-by-Step Guide – Network Pivoting – PART 7
SQL Injection Commands: SELECT * FROM Users WHERE Username='$username' AND Password='$password' A similar query is generally used by the web application in order to authenticate a user. If the query returns a value, it means that a user with that set of credentials exists in the database, and the user is then allowed to log in … Read more Cheat Sheet How to pass the OSCP Offensive Security Certified Professional Exam Step-by-Step Guide- SQLi XSS Web App Attacks – PART 5