Incident Response- Windows Cheatsheet
For some people who use their computer systems, their systems might seem normal to them, but they might never realise that there could be something really fishy going on, or even the fact that their systems...
Cross-Site Scripting Exploitation 2
“Are you one of those who think that Cross-Site Scripting is just about some errors or pop-ups on the screen?” Yes? Then in today’s article you’ll see how a web page suffering from XSS is not only...
Threat Intelligence: MISP Lab Setup
MISP is an open-source threat intelligence and sharing platform (formerly known as Malware Information Sharing Platform) that is used for collecting, storing, distributing, and sharing cybersecurity...
Incident Response- Linux Cheatsheet
Detecting an intrusion on your system is a very important step towards incident response. Incident response is a vast field, but it is always better to start small. While performing incident response,...
Authentication Capture using Auxiliary Module in Metasploit
‘Authentication’ means proving that something is valid. In authentication capture, an attacker takes advantage of this by exploiting open ports. Authentication capture is a method of gaining...
Anti-Forensic: Swipe Footprint with Timestomp
In this article, we will learn how to wipe our footprints after hacking the victim’s system. We can achieve that with the help of the Timestomp feature provided by the Metasploit Framework. Let’s...
DMV :1 Vulnhub Walkthrough
CTFs are one of the best, and probably the most fun, ways to get hands-on pen testing experience. This one in particular is a great CTF from Vulnhub which uses aspects of web penetration testing like file...
SIEM: Log Monitoring Lab Setup with Splunk
Splunk Inc. is an American public multinational corporation based in San Francisco, California, that produces software for searching, monitoring, and analyzing machine-generated big data via a...
Defensive Evasion: Alternate Data Streams
Alternate Data Streams are an artifact of the New Technology File System (NTFS) introduced by Windows. They were originally introduced to provide compatibility for file sharing with the...
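As an added illustration of the artifact described above (example code written for this page, not taken from the linked article), the following PowerShell session creates a named stream on an NTFS file, enumerates it the way a defender would, and hunts a directory tree for files carrying non-default streams. The file path, stream name and search root are assumptions; the `-Stream` parameter is a standard dynamic parameter of the FileSystem provider.

```powershell
# Added example, not from the original article. Paths and stream names are assumptions.
$path = Join-Path $env:TEMP 'ads-demo.txt'

# The primary (unnamed) stream is what Explorer and "dir" report.
Set-Content -Path $path -Value 'visible content'

# Attach a named stream; the size shown by "dir" does not change.
Set-Content -Path $path -Stream 'hidden.txt' -Value 'payload hidden in an ADS'

# Defender's view: list every stream on the file.
# ':$DATA' is the primary stream; anything else is an alternate stream.
Get-Item -LiteralPath $path -Stream * |
    Select-Object FileName, Stream, Length

# Read the named stream directly.
Get-Content -LiteralPath $path -Stream 'hidden.txt'

# Hunt a directory tree for files with non-default streams.
# Zone.Identifier (Mark-of-the-Web) is the common benign case and is excluded.
$suspicious = Get-ChildItem -LiteralPath $env:TEMP -File -Recurse -ErrorAction SilentlyContinue |
    ForEach-Object { Get-Item -LiteralPath $_.FullName -Stream * -ErrorAction SilentlyContinue } |
    Where-Object { $_.Stream -ne ':$DATA' -and $_.Stream -ne 'Zone.Identifier' }
$suspicious | Select-Object FileName, Stream, Length | Format-Table -AutoSize

# Remove the alternate stream once it has been analysed.
Remove-Item -LiteralPath $path -Stream 'hidden.txt'
```

The hunt deliberately keeps `:$DATA` and `Zone.Identifier` out of the result set so that genuinely unusual stream names stand out; a large `Length` on an unexpected stream is the first thing to inspect.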
Firewall Lab Setup: Untangle
What is a firewall? A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a...
Incident Response: Account Management Event (Part 1)
For a system to perform well and remain maintainable, it is extremely important to monitor and manage the events on it. Event logs are a part of the Windows system that are created on a system and...
Incident Response: Account Management Event (Part 2)
For a system to perform well and remain maintainable, it is extremely important to monitor and manage the events on it. Event logs are a part of the Windows system that are created on a system and...
Penetration Testing on CouchDB (5984)
What is CouchDB? CouchDB is a free and open-source, fault-tolerant NoSQL database developed by the Apache Software Foundation. It uses JSON to store data and JavaScript as its query language, and it includes...
Threat Hunting: Velociraptor for Endpoint Monitoring
Velociraptor is a tool for collecting host-based state information using Velocidex Query Language (VQL) queries. To learn more about Velociraptor, read the documentation on:...
Incident Response: Windows Account Logon and Logon Events
When a user authenticates to a Windows endpoint, an Account Logon event is generated and recorded. These account logon events are recorded in the Security event log of the system...
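To show what pulling those records out of the Security log looks like in practice, here is an added PowerShell example (written for this page, not code from the linked article). It queries successful (4624) and failed (4625) logon events, which are standard Windows Security auditing IDs, decodes the logon type, and filters out machine-account noise. The one-day window and the noise filter are assumptions; reading the Security log requires an elevated prompt.

```powershell
# Added example, not from the original article. Run from an elevated prompt.
# The 24-hour window and the noise filter below are assumptions.
$since = (Get-Date).AddDays(-1)

# Logon type codes as documented for event 4624.
$logonTypes = @{
    2  = 'Interactive'
    3  = 'Network'
    4  = 'Batch'
    5  = 'Service'
    7  = 'Unlock'
    8  = 'NetworkCleartext'
    9  = 'NewCredentials'
    10 = 'RemoteInteractive'
    11 = 'CachedInteractive'
}

$events = Get-WinEvent -FilterHashtable @{
        LogName   = 'Security'
        Id        = 4624, 4625
        StartTime = $since
    } -ErrorAction SilentlyContinue |
    ForEach-Object {
        # EventData fields are named in the event XML; build a lookup from them.
        $xml = [xml]$_.ToXml()
        $d = @{}
        foreach ($node in $xml.Event.EventData.Data) { $d[$node.Name] = $node.'#text' }
        [pscustomobject]@{
            Time      = $_.TimeCreated
            Id        = $_.Id
            Result    = if ($_.Id -eq 4624) { 'Success' } else { 'Failure' }
            User      = "$($d.TargetDomainName)\$($d.TargetUserName)"
            LogonType = $logonTypes[[int]$d.LogonType]
            Source    = $d.IpAddress
        }
    }

# Drop computer accounts (trailing '$') and SYSTEM so human logons stand out.
$events |
    Where-Object { $_.User -notmatch '\$$' -and $_.User -notmatch '\\SYSTEM$' } |
    Sort-Object Time -Descending |
    Format-Table -AutoSize

# A quick triage view: failures per source address, highest first.
$events |
    Where-Object { $_.Result -eq 'Failure' } |
    Group-Object Source |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```

Type 3 (Network) and type 10 (RemoteInteractive) from unfamiliar source addresses, and bursts of 4625 failures grouped on one source, are the rows worth pulling first during triage.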
Data Exfiltration using Linux Binaries
Have you ever heard of your critical data being exported somewhere else without your knowledge? Data exfiltration is a method of breaching security and gaining illegal access to the data of the...
Understanding the CSRF Vulnerability (A Beginner’s Guide)
You change your account’s password whenever you wish, but what if your password is changed whenever an attacker wants, without you being aware of it? Today in this article,...
SIEM: Windows Client Monitoring with Splunk
In our previous article, we covered the Splunk master server setup with a brief demonstration of dashboard setup and log monitoring; you can visit that article here. Once done with a complete...
USB Forensics: Detection & Investigation
Universal Serial Bus flash drives, commonly known as USB flash drives, are the most common storage devices found as evidence in a digital forensics investigation. The digital forensic...
Forensic Investigation: Preserve Time Stamp
As a digital forensic investigator, you understand how important it is to preserve the timestamps of any evidence gathered at the scene of a crime. You will be on your toes to make sure that the...