In this article, we’ll walk through the most popular and powerful utilities for assessing and hardening the security of Windows—both desktop and server—and look at tools for configuring security‑enhancing settings. This is a true must‑have toolkit for…
CONTINUE READING 🡒 Author: Ivan Piskunov
KRACK in Practice: How the Wi‑Fi WPA2 Key Reinstallation Attack…
In the fall of 2017, the world learned about a new threat to Wi‑Fi security. It affects virtually all devices and software platforms. No matter how long or complex your password is, it won’t help, because KRACK…
CONTINUE READING 🡒 
Malware Reverse Engineering for Beginners: Unpacking Packers and Defeating Protectors
One of malware authors’ favorite tricks is to use executable packers and protectors. Originally, these tools were fairly mundane: they were meant to shrink compiled binaries or produce demo builds without adding protection to the main code.…
CONTINUE READING 🡒 
Linux Hardening: Essential Tools for Comprehensive Security Auditing
In this article, we’ll explore the key utilities for Linux hardening—tools for assessing a Linux system’s security posture and validating configurations from an information security perspective. We’ll not only review the tools but also provide practical examples…
CONTINUE READING 🡒 
Life Without Antivirus: How to Remove Malware Manually and Harden…
When asked “What antivirus do you use on your Windows machine?” many security professionals (including people on our editorial team) answer: none. When massive outbreaks infect hundreds of thousands of computers despite all the latest defense tech,…
CONTINUE READING 🡒 
Conducting Forensics on Linux: Memory, Disk, and Network Dumping for…
The first task in digital forensics is data collection, specifically acquiring images of hard drives and RAM, as well as network connection dumps if they might be helpful. In this article, we'll explore what needs to be…
CONTINUE READING 🡒 
Over-the-air tricks. Simple and effective Wi-Fi pentesting techniques
In this article, I will demonstrate a few simple and common -although efficient! - Wi-Fi pentesting tricks: hiding your MAC address when you scan a network and attack WPA2, identification of 'hidden' networks, bypassing MAC filtering, and…
CONTINUE READING 🡒 
Secrets of the treasurer’s laptop: digital forensic analysis helps solve…
"Where's the money?" Or, rather, "Where did the money go?" The user of a company-owned Windows 10 laptop fell victim of a cyberfraud attack. Or maybe the employee faked it and stole the money while pointing fingers…
CONTINUE READING 🡒 
Poisoned documents. How to exploit dangerous Microsoft Office bugs
This article addresses several critical vulnerabilities in Microsoft Office programs. They aren't new and had caused a great stir a while back. Metasploit Framework modules have already been developed for these bugs, and plenty of related projects…
CONTINUE READING 🡒 
Linux post-exploitation. Advancing from user to super-user in a few…
This article is dedicated to some of the most popular and, more importantly, working post-exploitation utilities for Linux servers. You are about to learn how to manipulate the system, gain root access, or steal valuable data right…
CONTINUE READING 🡒