Wednesday, August 22 2018

January, 2018

  • 22 January

    Identifying Critical Systems and Components

    Identifying Critical Systems & Components: Sometimes your systems are dependent on things that you would not normally consider: basic utilities such as electricity, water, and natural gas are key aspects of business continuity. In the vast majority of cases, electricity and water are restored—at least on an emergency basis—fairly rapidly. …

  • 21 January

    Risks Associated with Cloud Computing

    Risks with Cloud Computing: The term cloud computing has grown in popularity recently, but few agree on what it truly means. For the purpose of the Security+ Exam, cloud computing means hosting services and data on the Internet instead of hosting them locally. Some examples of this include running office …

  • 20 January

    Risks Associated with Virtualization

    Risks Associated with Virtualization: If cloud computing has grown in popularity, virtualization has become the technology du jour. Virtualization consists of allowing one set of hardware to host multiple virtual machines. It is in use at most large corporations, and it is also becoming more common at smaller businesses. Some …

  • 19 January

    Burp Suite

    Burp Suite: For our purposes, we will use Burp Suite Intercept (or just Burp for short) as our proxy, as it is widely viewed as one of the most feature-rich web hacking platforms available. We will be using many tools in Burp Suite throughout the duration of our hacking …

  • 18 January

    BRUTE FORCE AUTHENTICATION ATTACKS

    Brute Force Attacks: Authentication actually takes place in many parts of the web application other than the main login page. It is also present when you change your password, update your account information, use the password recovery functionality, answer secret questions, and when you use the remember me option. …

  • 17 January

    Operating System Command Injection Vulnerabilities

    O/S Command Injection Vulnerabilities: Another attack vector that is part of injection is operating system command injection. This occurs when a hacker is able to dictate what system level commands (commonly bash in Linux or cmd.exe in Windows) are run on the web server. In most cases, a hacker will …

  • 16 January

    USING NMAP TO PERFORM AN XMAS SCAN

    XMAS SCAN: In the computer world, a request for comments (RFC) is a document that contains either notes or the technical specifications covering a given technology or standard. RFCs can provide us with a tremendous amount of details about the inner workings of a particular system. Because RFCs describe the …

  • 15 January

    Looking Closely at Web Servers

    Web Servers: Before we can get into the process of analyzing and hacking web servers as well as applications, we must look at the web servers themselves. In the simplest terms, a web server is a software package that is designed to deliver files and content over HTTP. These files …

  • 14 January

    Understanding Wireless Devices

    Wireless Devices: Mobile devices, including smartphones, e-book readers, and tablet computers, are popular. Many of these devices use either RF signaling or cellular technologies for communication. Below is the result of an Amazon Kindle’s search for wireless networks. Wireless scanning is done by a wide variety of devices, …

  • 13 January

    EXTRACTING INFORMATION FROM E-MAIL SERVERS

    E-Mail Servers: E-mail servers can provide a wealth of information for hackers and penetration testers. In many ways, e-mail is like a revolving door to your target’s organization. Assuming your target is hosting their own e-mail server, this is often a great place to attack. It is important to remember: “You …