Blog Posts Tagged with "Tutorial"

Windows 8 Security in Action: Part 3

January 16, 2013 Added by: Dan Dieterle

User training about online threats and phishing defense needs to remain in place. The standard advice of not running unknown or unsolicited attachments, or visiting suspicious websites, and all the normal Social Engineering defense training remains the same...

Comments  (1)

Windows 8 Forensics: Recycle Bin

November 27, 2012 Added by: Dan Dieterle

The purpose of this project is to determine key differences between the Windows 7 and Windows 8 operating system from a forensic standpoint in order to determine if there are any significant changes that will be either beneficial or detrimental to the forensic investigation process...

Comments  (0)

Windows 8 Security in Action: Part 2

November 22, 2012 Added by: Dan Dieterle

I have noticed some changes in the way Microsoft handles their different service account passwords over the past few weeks. It first started a while back when using Microsoft Live mail. One day when I typed in my legitimate password to my e-mail account, I received this error message...

Comments  (0)

Windows 8 Security in Action: Part 1

November 04, 2012 Added by: Dan Dieterle

Is Windows 8 the next operating system for your enterprise? In this article, we will take a quick look at Microsoft’s new OS – Windows 8. We will see some of the new security features that make it more secure than its predecessor Windows 7...

Comments  (0)

Old School On-Target NBNS Spoofing

September 30, 2012 Added by: Rob Fuller

So it turns out that Windows Firewall talks IP addresses just like any other firewall, so if you configure FakeNetBIOSNS to tell everyone that the IP address for whatever they looked up is YOUR IP, guess what, no need to bypass the spoof filters...

Comments  (7)

Metasploit Persistence

September 24, 2012 Added by: f8lerror

You pop a box, get your meterpreter shell at the end of the day. You leave your shell, come back in the morning and find out the connection dropped because the system rebooted. Luckily @Carlos_Perez/Darkoperator made a persistence script that is included in Metasploit...

Comments  (0)

Windows 8 Forensics: Reset and Refresh Artifacts

September 24, 2012 Added by: Dan Dieterle

Everything about the machine pre-refresh can be recovered, and is placed into a folder named windows.old. Information in regards to the migration process, old vs. new mappings, and the date and time of the refresh can be found in the $SysReset folder and the specific log...

Comments  (0)

Recovering Login Sessions, Loaded Drivers, and Command History with Volatility

September 18, 2012 Added by: Michael Ligh

Learn about the undocumented Windows kernel data structures related to RDP logon sessions, alternate process listings, and loaded drivers. See how Volatility can help you forensically reconstruct attacker command histories and full input/output console buffers...

Comments  (0)

Raising Zombies in Windows: Passwords

September 13, 2012 Added by: Rob Fuller

List the tokens available with Incognito, your new user will be there, steal it and you're done. You now have the ability to use that account/domain token on any of the hosts you've compromised on the network, not just the ones they happen to have left themselves logged in...

Comments  (0)

Cross-Protocol Chained Pass the Hash for Metasploit

August 29, 2012 Added by: Rob Fuller

Every so often someone writes a Metasploit Module that is pretty epic. July 12th was one such day, and as soon as you do you can start using this (using the example resource file to put a file, cat it out, enum shares available, list files on a share) then psexec all from a single URL being loaded...

Comments  (0)

Social Engineering Toolkit: Bypassing Antivirus Using Powershell

August 22, 2012 Added by: Dan Dieterle

Just when it looked like antivirus was getting the upper hand against the Social Engineering Toolkit, David Kennedy, author of SET, showed some of the program’s new features. One is a way to get a remote shell by completely bypassing Anti-Virus using a Windows Powershell attack. Let’s look at how this works...

Comments  (0)

Bypassing TrendMicro's Service Protections

August 20, 2012 Added by: Rob Fuller

It's injecting our payload into the service binary and tossing our payload into "rundll32.exe" at run time on the victim. Let's change this so it doesn't do any injection and just executes a binary. That removes the 'injection' piece and hopefully lets us get our shell...

Comments  (0)

Metasploitable 2.0 Tutorial pt 3: Gaining Root from a Vulnerable Service

August 17, 2012 Added by: Dan Dieterle

There are numerous Metasploitable how-to’s out there, but a lot of them focus on the standard services. In real life, which is the service that will most likely go unpatched? The main web server or some secondary service that was installed for a project and then forgotten about? So let’s get started...

Comments  (1)

Recovering tmpfs from Linux and Android Memory Captures with Volatility

August 14, 2012 Added by: Andrew Case

Tmpfs is interesting from a forensics perspective for a few reasons. The first is that, in a traditional forensics scenario, the investigator expects that he can shut a computer off, image its disk(s), and get back the filesystem at the time of when the computer was running. With tmpfs, this is obviously not true...

Comments  (3)

Metasploitable 2.0 Tutorial pt 2: Scanning for Network Services

August 14, 2012 Added by: Dan Dieterle

Okay, we put in 192.168.12.20 and it scanned it and returned the version of Samba that was running on it. But what if we wanted to scan the whole network for just systems running Samba? This is where the beauty of the RHOSTS command comes into play. Instead of just scanning the single host, let’s scan all 256 clients...

Comments  (0)

Go Ahead and Write Down Your Passwords

August 07, 2012 Added by: Boris Sverdlik

Another day, another password hack, and yet another reason not to reuse passwords... Here is a simple bash script to generate strong passwords. Port it to Python or even something more platform independent. Also, don't forget to set Auto Dismount to 15 minutes, so you don't leave it up and running...

Comments  (14)
