Blue Team

Prometei Exploits MS Exchange Vulnerabilities

A new malicious called Prometei has been determined, that including Exchange servers have ProxyLogon vulnerability to cryptocurrency network. Prometei is a modular malicious code and has different features like credential dumping, usage of the system […]

XSS Detection and Prevention

XSS is a common and very popular vulnerability also took place in Owasp Top10 from the beginning. XSS is hard to detect and very dangerous since an attacker can gain the ability what user can […]

OpenVAS Vulnerability Scanner

OpenVAS is a preinstalled vulnerability tool in both Kali and Parrot. It is completely free and even if it is preinstalled in these OSs, you need to do something before you use it. First, you […]

A Quick Guide for Ransomware Protection

Unfortunately, ransomware problem is growing every day, although a lot of cases we hear and tens of articles and webinars are published about it. In this post, I try to explain the Protection processes against […]

wget with Powershell

 function global:wget($Address, [switch]$NoCache){ $client = New-Object Net.WebClient $proxy = New-object System.Net.WebProxy “10.0.0.10:8080” $proxy.Credentials = New-Object System.Net.NetworkCredential (“DOMAIN\user”, “password”) $client.proxy=$proxy$Client.Headers.Add(“user-agent”, “Windows Powershell WebClient Header”) if ($NoCache) {# doesn’t use the cache at all$client.CachePolicy = New-Object Net.Cache.RequestCachePolicy([Net.Cache.RequestCacheLevel]::NoCacheNoStore)}$client.DownloadString($Address)}wget -Address “http://www.be4sec.com” -NoCache

FireEye NX SmartVision SC Killswitch

SmartVision is the lateral movement detection module of the network security product (NX) of FireEye. There are too many documents and descriptions about it on FireEye’s website, so I will not touch on it here. […]