Few months ago, I didn't know what Bash was, only heard of SSH tunneling, no practical knowledge. I also didn't like paying for the PWK lab time without using it, so I went through a number of resources till I felt ready for starting the course. Warning: Don't expect to be spoon-fed if you're
On April 9 and April 14, 2017, the Shadow Brokers threat group released archives of attack tools and other information that it claims originated from the National Security Agency (NSA). The contents included exploits against Windows, Solaris, and other software from as early as 2008, as well as information about a campaign targeting
Boldly going where no man has gone before, the Kirk Ransomware brings so much nerdy goodness to the table that it could make anyone in IT interested. We have Star Trek, Low Orbital Ion Cannons, a cryptocurrency payment other than Bitcoin, and a decryptor named Spock! Need I say more? Discovered today by Avast malware researcher Jakub
Introducing SQL Injection SQL injection has been around for at least 20 years, but it is no less powerful or dangerous than any other attack we have covered so far. It is designed to exploit flaws in a website or web application. The attack works by inserting code into an existing line of code prior
Low Orbit Ion Cannon (LOIC) is one the easiest DDoS tools available, yet its simplicity and remote connection features make it an extremely effective tool. In this guide I will show you just how easy it is to launch a DoS attack using LOIC. For this exercise I used a Windows Server 2008 client with
CIA malware targets iPhone, Android, smart TVs CIA malware and hacking tools are built by EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA's DDI (Directorate for Digital Innovation). The DDI is one of the five major directorates of the CIA (see this
In my previous post “Pentestit Lab v10 - Introduction & Layout”, I covered the Network layout and VPN Connection. Today I will be covering the first steps taken to attack the lab - which will include the following: Fingerprinting the GW machine Carrying out Intelligence Gathering Brute Forcing SMTP Finding the Mail Token There are 13 Tokens in total scattered
Distributed denial-of-service (DDoS) attacks have the same goals, but the implementation is much more complex and wields more power. Whereas a DoS attack relies on a single system or a very small number of systems to attack a victim, a DDoS attack scales this up by having several attackers go after a victim.