Creating Wordlist for Brute Force Attack

Brute force is an old attack technique, but it can still be gold. For a brute force attack, we need a wordlist/password list of possible passwords that will be tried by the tool we use. Then, the tool will try thousands of these passwords per second. This is also referred to as a dictionary attack. The stronger your …

System Analysis with Process Explorer

Computer forensics is a set of methodological techniques to gather, identify and present evidence from digital equipment. Many different techniques are required. One of them is getting the system information. Process Explorer is a tool that helps you get system information from any Windows machine. Process Explorer (procexp64.exe) is a Sysinternals tool that can …

A Quick Guide for Ransomware Protection

Unfortunately, the ransomware problem is growing every day, even though we hear about a lot of cases and tens of articles and webinars are published about it. In this post, I try to explain the protection processes against ransomware. Then, in further posts, I will try to explain every step in more depth. If you have been exposed to it …

A Sad Story: Don’t Invest, Just Prodigalize

Last week, a friend called me and gave me some bad news about a company. The company was looking for help since they had become a victim of Egregor ransomware and were trying to learn what to do against the attacker, since the attacker had got all their data, encrypted it and given them three days to pay 500k dollars. The …

TOR As A SOCKS Proxy

Almost all applications and web sites are trying to learn who we are and what we are looking for on the internet. This information is being used for many different reasons, like advertisements and detecting malicious attempts. Again, for many reasons, it is very important to surf the internet anonymously. Tor is used for anonymous …

How to Install Metasploit on Ubuntu

If you are familiar with infosec, you must already know what Metasploit is. So, I will not explain it here again. Metasploit is a predefined tool in Kali, but if you use Ubuntu like me, it is better to install Metasploit on it rather than switching to Kali to use it. It is very easy to …

C&C with Empire – A Mitre Att&ck T1071 and T1086 Demo

".. a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework. It premiered at BSidesLV in 2015." …