Echo Mirage: Walkthrough

By Chiragh Dewan

In this article, we will learn about Echo Mirage, a freeware tool that hooks into an application’s process and enables us to monitor its network interactions. Echo Mirage can attach to a running process, or it can launch the application on the user’s behalf. This type of security testing falls under Thick Client Application Security Testing. Thick Client Applications can be further divided into two parts:

Proxy-aware Thick Clients
Proxy-Unaware Thick Clients

Proxy-aware Thick Clients

If a Thick Client can set up a proxy server, then it is known as a Proxy-aware Thick Client. Examples of Proxy-aware Thick Clients are Microsoft Outlook, Google Talk, Yahoo Messenger, etc.

Websploit Wifi Jammer

In this tutorial we will be exploring the Websploit Wifi Jammer module which we’ve edited to work with the latest version of Kali Linux. The Websploit Wifi Jammer module is a great tool to automatically disconnect every client connected to the targeted wireless network and access point. The WiFi Jammer module also prevents new and disconnected clients from connecting to the WiFi network. The module has been edited to work with Kali 2.0 and the new monitoring interface names (wlan0mon, wlan1mon etc.). For your convenience we’ve also set wlan0mon as the default interface.


Fern Wifi Cracker

Fern Wifi Cracker is a wireless security auditing and attack software program written using the Python programming language and the Python Qt GUI library. The program is able to crack and recover WEP/WPA/WPS keys and also run other network-based attacks on wireless or Ethernet-based networks.

Aircrack

Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It implements the best known cracking algorithms to recover wireless keys once enough encrypted packets have been gathered. The suite comprises over a dozen discrete tools, including airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).

iOpus Private Internet Gateway

From iOpus Software: Using powerful 256-bit AES encryption technology, the iOpus Private Internet Gateway (iPIG) creates a secure “tunnel” that protects your inbound and outbound communications (Email, Web, IM, VOIP, calls, FTP, etc.) at any Wi-Fi hotspot or wired network.

AccessChk

As a part of ensuring that they’ve created a secure environment, Windows administrators often need to know what kind of accesses specific users or groups have to resources including files, directories, Registry keys, global objects and Windows services. AccessChk quickly answers these questions with an intuitive interface and output.

Maltego CE

Maltego CE is the community version of Maltego that is available for free after a quick online registration. Maltego CE includes most of the same functionality as the commercial version; however, it has some limitations. The main limitation with the community version is that the application cannot be used for commercial purposes, and there is also a limitation on the maximum number of entities that can be returned from a single transform. The community version of Maltego also lacks the graph export functionality that is available in the commercial versions.

AccessEnum

While the flexible security model employed by Windows NT-based systems allows full control over security and file permissions, managing permissions so that users have appropriate access to files, directories and Registry keys can be difficult. There’s no built-in way to quickly view user accesses to a tree of directories or keys. AccessEnum gives you a full view of your file system and Registry security settings in seconds, making it the ideal tool for helping you find security holes and lock down permissions where necessary.

Intelligence-Driven Incident Response with YARA

By Ricardo Dias

Given the current cyber threat landscape, organizations are now beginning to acknowledge the inexorable law that decrees that they will be compromised. Threat actors’ tactics, techniques, and procedures demand intelligence-driven incident response, which, in turn, depends upon methodologies capable of yielding actionable threat intelligence in order to adapt to each threat. The process to develop such intelligence is already in motion, heavily relying on behavioral analysis, and has given birth to cyber threat indicators as a means of fingerprinting and thus identifying new and unknown threats. This paper will focus on YARA, a malware identification and classification tool used as a scan engine, whose features will be explored in order to deploy indicators at the endpoint.

SANS Investigate Forensics Toolkit—Forensics Martial Arts Part 1

By Aditya Balapure

The SANS Investigate Forensic Toolkit (SIFT) is an interesting tool created by the SANS Forensic Team and is available publicly and freely for the whole community. It comes with a set of preconfigured tools to perform computer forensic digital investigations. This is based on Ubuntu and has a long list of tools for present forensic needs. We will have a walkthrough of some of the very famous tools used in forensic investigations. It supports evidence formats such as raw format (.dd), encase image file format (E01), and advanced forensics format (AFF).