Mastering OSQuery: SQL-Powered Endpoint Monitoring
OSQuery is an open-source tool developed by Facebook that allows you to use SQL queries to monitor and manage your operating systems. It transforms your operating system into a relational database, enabling you to query various system properties and configurations using SQL syntax. This guide provides a comprehensive overview of OSQuery, including its types, benefits, usage, and how it...
Netdiscover – Live Host Identification
Netdiscover - simple ARP Scanner to scan for live hosts in a network Netdiscover is a simple ARP scanner that can be used to scan for live hosts in a network. It can scan for multiple subnets also. It simply produces the output in a live display(ncurse). This can be used in the first phases of a pentest where you...
Burpsuite – Use Burp Intruder to Bruteforce Forms
Using Burp Intruder to Bruteforce passwords. Burpsuite is a collection of tools and plugins for any web application security testing bundled into a single executable jar file. It contains about 8 useful tools for performing spidering, fuzzing, decoding etc. But the prime feature is that, it is an intercepting proxy which works on application layer. So even HTTPS connections passing...
Getting Started with Wireshark: Network Traffic Analysis
Wireshark is a powerful and widely-used network protocol analyzer that allows users to capture and interactively browse the traffic running on a computer network. This guide will walk you through the basics of how Wireshark works, how to analyze network traffic, its features, and technical specifications. How Wireshark Works Wireshark captures data packets traveling over a network. It operates at the...
Update Nmap in Kali Linux
Install & Update Nmap in Kali Linux Rolling, Sana & earlier versions This tutorial will show you how to update nmap in kali linux 2.0. Nmap 7.0 was released earlier this month. Refer to here to view What's New in Nmap 7. Kali Rolling comes with nmap v7 by default. Still you can use the steps below to update nmap or...
Introduction to OpenVAS: Open-Source Vulnerability Scanning
In the rapidly evolving world of cybersecurity, maintaining a robust defense against vulnerabilities is crucial for any organization. OpenVAS (Open Vulnerability Assessment System) is an open-source solution that provides comprehensive vulnerability scanning capabilities. This guide will delve into how OpenVAS works, its technical specifications, and how companies can effectively use it to scan for vulnerabilities. What is OpenVAS? OpenVAS is a...
NMAP 7.0 Released
NMAP 7.0 What's New ? Nmap has always been the king of scanners for a Security professional. After 18 years from it's first release, the 7th version has been released. This is the current major & stable release containing about 330 significant improvements. Over all this period, the developers have managed to improve the speed of scans, add more functionalities, include...
SQLMAP – Introduction & Automation of SQLi
Basic Operation of SQLMAP & enumeration of Server through automatic SQL Injection. SQLMAP is a database pentesting tool used to automate SQL Injection. Practically using sqlmap, we can dump a whole database from a vulnerable server. SQLMap is written in python and has got dynamic testing features. It can conduct tests for various database backends very efficiently. Sqlmap offers a highly...
World Wide Live Attack Map & Analytics
Ever wanted to see live DOS attacks across the globe? There is a website from a security firm that shows live attacks from all over the globe including the protocol information, IP addresses and country. All this information is put together in a wonderful hacker-like map. Live attacks & traffic are shown once you start the live view. The website...
macof
MAC Flooding with MACOF & some major countermeasures Macof is a member of the Dsniff suit toolset and mainly used to flood the switch on a local network with MAC addresses. The reason for this is that the switch regulates the flow of data between its ports. It actively monitors (cache) the MAC address on each port, which helps it...