My buddy Aamir Lakahani wrote a cool post on how to create exploits with Metasploit. The original post can be found HERE.
Metasploit has the ability to create an executable payload. This can be extremely useful if you can get a target machine to run the executable. Attackers often use social engineering, phishing, and other attacks to get a victim to run a payload. If attackers can get their a victim to run a payload, there is no reason for an attacker to find and exploit vulnerable software.Continue reading →
The people at TheHackerNews.com wrote a article on a new attack against Android devices that tricks users into believing they have powered off their device so they can spy on them. The original post can be found HERE.
Security researchers have unearthed a new Android Trojan that tricks victims into believing they have switched their device off while it continues “spying” on the users’ activities in the background. So, next time be very sure while you turn off your Android smartphones.
One really cool tool that I’ve had a lot of fun playing with is the Raspberry Pi. My buddy Aamir Lakhani and I recently went under contract for our second book covering how to run Kali Linux on a Raspberry Pi to perform various penetration testing scenarios. Here is a basic overview of the Raspberry Pi used as a security tool. The book should be out early next year.
For those that haven’t heard of a Raspberry Pi, it’s a small computer that is dirt cheap and can be imaged for just about anything. Continue reading →
I’m often asked “why did my system get infected when I had the latest system updates and anti-virus enabled?” Well, a fundamental concept behind security products is they can only look for so many things or use so many detection techniques before they must permit traffic. This means your defenses will fail if an attack uses a method that your detection system can’t see or scanner does not have an existing signature to scan against. This is why attackers hide exploits using techniques such as obfuscation to bypass security detection. Continue reading →
I wrote about one of my favorite hot-spot honeypot tools known as the WiFI pineapple Mark IV last year HERE. The pineapple only cost $100 dollars and can be found at the HAK5 store.
To summarize what this bad boy does, it is a small portable attack tool that can run things such as Karma used to spoof trusted SSIDs and SSL strip to remove trusted connections while sniffing traffic. So for example, lets say your home network is PUPPYDOG123. When you’re at home, your wireless devices will look for PUPPYDOG123 and connect if they see it. When the pineapple is present and running Karma, it can say back “Hey, I’m PUPPYDOG123 … connect to me”. Your device will think its your network and connect. Traffic will go through the Pineapple so you think you are on a trusted network however the pineapple is between aka a man-in-the-middle attack. Continue reading →
If you are familiar with penetration tools, then you should know Metasploit. For those that love GUIs, there is a fantastic open source GUI management for Metasploit known as Armitage (found HERE). The same developers of Armitage created a more advanced penetration testing package for a $2,500 annual cost. The tool is called cobalt Strike (CS) and can be downloaded at www.advancedpentest.com for a 21day trail. They also have a 4-hour lab that lets you try out the core cobalt Strike features. It is worth spending the time to test the tool and get some lab time even though the lab itself is is pretty easy. Continue reading →
A coworker of mine, Tom Cross, was featured on CBS Atlanta regarding a case where a newscast member had her credit card information stolen. An interesting aspect of this situation is the criminals obtained the card number while the victim was in another city holding the authentic card. It is undetermined how the criminals stole the card number to create the duplicate but the motive clear … purchase giftcards until the credit card account becomes locked. Continue reading →