January, 2018

  • 17 January

    Operating System Command Injection Vulnerabilities

    Operating System Command Injection Vulnerabilities

    O/S Command Injection Vulnerabilities: Another attack vector that is part of injection is operating system command injection. This occurs when a hacker is able to dictate what system level commands (commonly bash in Linux or cmd.exe in Windows) are run on the web server. In most cases, a hacker will …

  • 16 January

    USING NMAP TO PERFORM AN XMAS SCAN

    USING NMAP TO PERFORM AN XMAS SCAN

    XMAS SCAN: In the computer world, a request for comments (RFC) is a document that contains either notes or the technical specifications covering a given technology or standard. RFCs can provide us with a tremendous amount of details about the inner workings of a particular system. Because RFCs describe the …

  • 15 January

    Looking Closely at Web Servers

    Looking Closely at Web Servers

    Web Servers: Before we can get into the process of analyzing and hacking web servers as well as applications, we must look at the web servers themselves. In the simplest terms, a web server is a software package that is designed to deliver files and content over HTTP. These files …

  • 14 January

    Understanding Wireless Devices

    Understanding Wireless Devices

    Wireless Devices: Mobile devices, including Smartphones, e-book readers, and tablet computers, are popular. Many of these devices use either RF signaling or cellular technologies for communication. Below shows you the result of an Amazon Kindle’s Search for wireless network.   Wireless Scanning is done by a wide variety of devices, …

  • 13 January

    EXTRACTING INFORMATION FROM E-MAIL SERVERS

    EXTRACTING INFORMATION FROM E-MAIL SERVERS

    E-Mail Servers: E-mail servers can provide a wealth of information for hackers and penetration testers. In many ways, e-mail is like revolving door to your target’s organization. Assuming your target is hosting their own e-mail server, this is often a great place to attack. It is important to remember. “You …

  • 12 January

    Using a Sniffer – Sniffer Tools

    Using a Sniffer

    Using a Sniffer: We touched on some of the basics of using a sniffer in the previous section, but now let’s get down and dirty. Quite a few sniffer software packages are available that perform nearly identical functions.  The real advantage of one over the other is the robustness of …

  • 11 January

    Download Top 18 Ethical Hacking Books

    Top 18 Books

    Download Top 18 Most Amazing Books of Ethical Hacking: Hello, Everyone Today I am going to Share some of the Most Amazing E-Books on Ethical Hacking So, That you Guys Would Learn The Most in This year.   You Can Download All The Books or Read Them Online.   Secrets …

  • 10 January

    Kerberos: Cracking Kerberos

    Kerberos: Cracking Kerberos

    Kerberos: On the Microsoft platform, version 5 of the Kerberos authentication protocol has been in use since Windows 2000. The protocol offers a robust authentication framework through the use of strong cryptographic mechanism such as symmetric key cryptography. It provides mutual authentication of client and server.   The Kerberos protocol …

  • 9 January

    Planting a Backdoor – Using Netcat

    Planting a Backdoor

    Planting a Backdoor: There are many ways to plant a backdoor on a system, but let’s look at one provided via the PsTools suite. This suite includes a mixed bag of utilities designed to ease system administration. Among these tools is PsExec, which is designed to run commands interactively or …

  • 8 January

    DNS Spoofing – Performing DNS Spoofing

    DNS Spoofing – Performing DNS Spoofing

    DNS Spoofing: DNS is an important service for just about any network today. Some networks, such as those that use Active Directory, cannot even function without DNS being present in the environment. With these points in mind, we need to look at an attack, the attacking party modifies the DNS …