Collaborate Disseminate
My current understanding is that an exploit kit will fingerprint (gather information on) a system, check those details against a database of vulnerabilities and then attempt to use the relevant exploits.
I can see simple way… Continue reading How do exploit kits enumerate or fingerprint their targets?
We see these kinds of attempts with some frequency. Normally a leak has happened from some other 3rd party, and an attacker has a big list of known account + password combinations that they can try against other systems. They… Continue reading To what extent should we defend against leaked credentials being tested against our system?
How to identify target IP address from the AD username? any tool or technique?
I need to figure out a good way to do internal subdomain enumerations in corp network? My goal is to find the list of internal subdomains in my organizations. I tried https://github.com/TheRook/subbrute but this is for extern… Continue reading how to do internal subdomain enumerations in corp network?
I’m trying to understand how NSEC and NSEC3 records work in DNSSEC. When I query for an non-existent domain with supports NSEC3, I get the following output
$ dig +dnssec NSEC3 gggg.icann.org. | grep -F “NSEC3” | grep -Fv “RRSIG NSEC3”
… Continue reading Can someone explain me the DNSSEC NSEC3 output?
I will liken him to a wise man, who built his house on a rock. The rain came down, the floods came, and the winds blew, and beat on that house; and it didn’t fall, for it was founded on the rock. Everyone who hears these words of mine, and doesn’t do them will be… Read More Continue reading The Journey to Hijacking a Country’s TLD – The Hidden Risks of Domain Extensions
In recent news, IoT devices are a target of hackers — specifically botnet herders. The first step to securing your organization and its users is to detect all IoT devices that are functional on your IP address range. If ever… Continue reading What is the key to detecting all IoT devices in your organization?
In recent news, IoT devices are a target of hackers — specifically botnet herders. The first step to securing your organization and its users is to detect all IoT devices that are functional on your IP address range. If ever… Continue reading What is the key to detecting all IoT devices in your organization? [closed]
Recently saw someone accessed my wireless network.
He is doing some strange stuff [I saw using Wireshark] so I scanned him and saw that his PC had RDP enabled. So, it’s obvious what I have to do.
I need to get his ‘username… Continue reading How to grab ‘username’ of remote PC?
Recently saw someone accessed my wireless network.
He is doing some strange stuff [I saw using Wireshark] so I scanned him and saw that his PC had RDP enabled. So, it’s obvious what I have to do.
I need to get his ‘username… Continue reading How to grab ‘username’ of remote PC?