Browsing tag
Also known as DPI, deep packet inspection is a kind of packet filtering that evaluates the data and header of a packet that is transmitted through an inspection unit to weed out any control that is non-compliant; any viruses, spam, or intrusions; and any other defined criteria in order to block that packet from passing […]
In general, corporate security policies define the information assets needed to continue corporate activities. Detecting threats to this information asset is the role of detection and response system. In addition, reducing or avoiding the risk against detected threats plays a role of prevention, a big word today in the age of left and right hacking […]
The threat of DDoS (Denial-of-Service) attacks that send massive processing demands from multiple Internet-connected devices (be it a PC, a smartphone, a tablet or an IoT) to the target server and bring the system down has grown tremendously in the past decade. It is possible that an attack may shut down a network of one […]
Once again Toyota Motor Corporation reported its second data breach. The first attack was in February, and it’s not clear whether the two incidents are related. The latest incident, revealed Friday, that a breach has affected its sales offices in Japan, breaching data of up to 3.1 million customers. In February, Toyota’s Australia branch announced […]
procedural security is what we call operational security (OPSEC), it is kind of risk management process that encourages admin to monitor operations from the perspective of an adversary, and draw conclusions to protect sensitive information from falling into the wrong hands. OPSEC is becoming popular in the private sector though it was used by the […]
VPN is a wonderful thing that you all have probably heard about. I assume it was something like this: “Using a VPN you can visit websites blocked by state services and engage in any network activity without fear of revealing your actual IP address.” If you thought that Virtual Private Network is a magic tool […]
Currently, most computers are connected to the network, and various information is exchanged beyond national borders. Mobile devices such as smartphones and tablets have also been used in business, personal entertainment and productivity are way more than desktop PCs. In addition, the IoT (Internet-of-Things) technology that connects machinery and equipment used in production processes, social […]
What is a Secure Web Gateway (SWG)? For the perspective of a typical Joe or Jill of today’s computing, Secure Web Gateway is an alien name. However, it is simply a tunneling service, common people calls it the cloud, that securely connects data and applications between two different networks. It’s main capabilities offered are: Easily […]
APT32 malware has been covered here in Hackercombat recently, and we are set to update you of the latest findings from Palo Alto Networks. KerrDown, the newly developed special downloader that APT32 malware package use in order to propagate itself faster than ever before. Asia-Pacific region is the main target of the KerrDown-based APT32, also […]
Synopsisbscan is a command-line utility to perform active information gathering and service enumeration. At its core, bscan asynchronously spawns processes of well-known scanning utilities, repurposing scan results into highlighted console output and a well-defined directory structure. Installationbscan was written to be run on Kali Linux, but there is nothing inherently preventing it from running on […]
A powerful tool for managing networks and troubleshoot network problems! Features Network Interface – Information, Configure IP-Scanner Port-Scanner Ping Traceroute DNS Lookup Remote Desktop PuTTY (requires PuTTY) TightVNC (requires TightVNC) SNMP – Get, Walk, Set (v1, v2c, v3) Wake on LAN HTTP Headers Whois Subnet Calculator – Calculator, Subnetting, Supernetting Lookup – OUI, Port Connections […]
You may want to think twice before providing an enterprise fax number to a stranger Many companies still provide their fax number in the contact information section on their websites. After all, it is considered completely harmless to share the fax number alongside other data, such as email addresses or phone numbers of a company. […]
It’s no longer necessary to run attacker code on the victim system. When the Spectre and Meltdown attacks were disclosed earlier this year, the initial exploits required an attacker to be able to run code of their choosing on a victim system. This made browsers vulnerable, as suitably crafted JavaScript could be used to perform Spectre attacks. […]
A powerful tool for managing networks and troubleshoot network problems! Features Network Interface – Information, Configure IP-Scanner Port-Scanner Ping Traceroute DNS Lookup Remote Desktop PuTTY SNMP – Get, Walk, Set (v1, v2c, v3) Wake on LAN HTTP Headers Subnet Calculator – Calculator, Subnetting, Supernetting Lookup – OUI, Port Connections Listeners ARP Table Languages English German […]
Research has revealed that public WiFi networks are more dangerous than one might realize. They can be like ripe fruit for hackers. Setting up a fake WiFi network to steal personal information is an easy task for these hackers. When a user tries to connect with public WiFi, especially at an airport or coffee shop, […]
Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols (e.g. SMB1-3 and MSRPC) the protocol implementation itself. Packets can be constructed from scratch, as well as parsed from raw data, and the object oriented API makes it […]
LuLu is the free open-source macOS firewall that aims to block unauthorized (outgoing) network traffic, unless explicitly approved by the user: Full details and usage instructions can be found here. It’s also important to understand LuLu’s limitations! Some of these will be addressed as the software matures, while others are design decisions (mostly with the […]
Monitor illegal wireless network activities. Similar SSID broadcasts Same SSID broadcasts Calculates unencrypted wireless networks density Watches SSID broadcasts at the blacklist. Capabilities (Now) Calculates Unencrypted wireless network density Finds same ssid, different encryption Working Principle for PiDense Collects all the packets from Wireless Networks. Analyzes all the beacon packets. If PiDens detects more than defined threshold of […]
SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to his toolkit and by displaying all tool output in a convenient way. If little time is spent setting up commands […]
dnscap is a network capture utility designed specifically for DNS traffic. It produces binary data in pcap(3) and other format. This utility is similar to tcpdump(1), but has a number of features tailored to DNS transactions and protocol options. DNS-OARC uses dnscap for DITL data collections. Some of its features include: Understands both IPv4 and IPv6 Captures UDP, TCP, and IP […]
Detects wireless network attacks performed by KARMA module (fake AP). Starts deauthentication attack (for fake access points) Working Principle for PiKarma Collects all the packets from Wireless Network. (Probe Response) Analyses all the packets in real time. If PiKarma finds more than one SSID info from unique mac address in Probe Response; Logs the activity […]