Fuzzing is when random data is thrown at a web application to see what happens next. A security fuzzer is a tool designed to provide random data (fuzz testing) to an application and record the reaction of the application. In the context of web application testing, fuzzing means testing especially for buffer overflows, parameter validation […]
Category: Attacks
What are Attack Vectors?
An attack vector is a path or means by which a hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities, including the human element. Attack vectors include viruses, e-mail attachments, Web pages, pop-up windows, instant messages, chat […]
Ransomware
Example: An unexpected process with odd name (cjkvy-bc.exe) is observed on a workstation. Soon after the process launch, communication is observed to a known botnet C&C IP address registered in Germany. The MD5 hash of the process identifies it as ransomware; the signature matches TeslaCrypt. Closer examination shows that the EXE has been added to […]
Browser Hijacking Scenario
Here’s a Browser Hijacking Scenario: Employee workstations are secured with brand-name, up-to-date antivirus (AV). The browser was hijacked by MapsGalaxy. This program is capable of modifying your browser homepages to its own. It was unknowingly installed through product bundling with a third party application. Unfortunately, once installed it also added the MapsGalaxy toolbar, changed the […]
Brute Force SSH Attack Scenario
Example of a Brute Force SSH Attack: The firewall detects an attempt to probe vulnerabilities against an external-facing webserver using phpMyAdmin. The scanner, known as ZmEu, has been around since 2012. That is typical of attacks, not particularly zero-day. A brute force SSH attack attempts to guess a password and thereby gain access to the underlying […]
NetCat Security by Mati Aharoni
This post is written by one of my favorite InfoSec role models, Mati Aharoni. All credit goes to Mati Aharoni and to networknewz. A few years back, Mati Aharoni, one of the core developers of the BackTrack penetration testing CD and founder of www.offensive-security.com, wrote a short security paper that demonstrated an entire hack from […]
What is an Attack Vector?
An attack vector is a path or means by which a hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities, including the human element. Attack vectors include viruses, e-mail attachments, Web pages, pop-up windows, instant messages, chat […]
What is a salami attack?
A salami attack is a collection of small attacks that result in a larger attack when combined. For example, if an attacker has a collection of stolen credit card numbers, the attacker could withdraw small amounts of money from each credit card (possibly unnoticed by the credit card holders). Although each withdrawal is small, the […]
What is a SYN Flood attack?
A SYN flood attack disrupts the TCP initiation process by withholding the third packet of the TCP three-way handshake. Flood guards protect against SYN flood attacks.
How can you sustain attacks?
Attack communications must be stealthy and cannot raise any suspicion on the network. Such traffic is usually obfuscated or hidden through techniques that include: Encryption with SSL, SSH (Secure Shell), or some other custom application. Proprietary encryption is also commonly used. For example, BitTorrent is known for its use of proprietary encryption and is a […]