A New Multi-OS RAT?
A threat actor calling herself as ‘0xFF’ advertised a new RAT in HackForums. According to the threat actor, this new RAT tool is supporting Windows (amd64, i386, arm, arm64), Linux (amd64, i386, arm, arm64), Darwin … Continue reading A New Multi-OS RAT?
Importing Module in Powershell
Modules are typically work in Powershell directly. “Get-Module” command can be used to see imported modules. “Get-Module -ListAvailable” command show the modules available. For the additional modules we want to use, we should import them … Continue reading Importing Module in Powershell
Subdomain Enumeration
Subdomain enumeration is an information gathering technique. It can be used to define the all sites opened to the internet in a company. In large organizations, it is very common to have some forgotten websites … Continue reading Subdomain Enumeration
New Tools of Kali
Kali Linux 2021.2 is released with some new tools called Kaboxer and Kali-Tweaks and some cosmetic changes. Kaboxer provides dockers to use applications that they cannot work in newly OSs anymore or need isolation. Kali-Tweaks … Continue reading New Tools of Kali
Ingress Tool Transfer (MITRE ATT&CK T1105)
Attackers may need to download some tools to perform different actions on victim machine. Mostly, these can be some tools to help scan networks to move laterally, or make the attacker permanent on the victim … Continue reading Ingress Tool Transfer (MITRE ATT&CK T1105)
How to Install Metasploit on Ubuntu
If you are familiar with infosec, you must know already what Metasploit is. So, I will not explain it here again. Metasploit is a predefined tool in Kali but if you use Ubuntu like me, … Continue reading How to Install Metasploit on Ubuntu
C&C with Empire – A Mitre Att&ck T1071 and T1086 Demo
“.. a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, … Continue reading C&C with Empire – A Mitre Att&ck T1071 and T1086 Demo
Credential Dumping – Attack and Defense Techniques (MITRE ATT&CK T1003)
Credential Dumping As MITRE says on its website, adversaries dump credentials to obtain login credentials to perform lateral movement when they got access to a computer. Several tools and techniques may be used to dump … Continue reading Credential Dumping – Attack and Defense Techniques (MITRE ATT&CK T1003)
Dark Web; Anonymity and Privacy
While talking on Dark Web, one is the most confused concepts with Dark Web is Deep Web. But first, I want to touch Surface Web. Surface Web is the indexable part of the internet. This … Continue reading Dark Web; Anonymity and Privacy
Creating Wordlist for Brute Force Attack
Brute force is an old attack technique but it can be still gold. For brute force attack, we need a wordlist/password list that will be tried by the tool we use, including possible passwords. Then, … Continue reading Creating Wordlist for Brute Force Attack
TOR As A SOCKS Proxy
Almost all applications and web sites are trying to learn who we are and what we are looking for on the internet. These informations are being used for many different reasons like advertisements and to … Continue reading TOR As A SOCKS Proxy
Be4Sec 