This article explains how to detect intrusions into your wireless network. Almost all mainstream attacks on Wi-Fi have distinctive features, and you can identify them by listening to the airwaves.
Author: s0i37
Self-defense for hackers. Detecting attacks in Active Directory
This article explains how to find out that a hacker is operating in your domain, how to automate the detection process, and how to repel attacks in Active Directory.
Self-defense for hackers. Catching intruders at the network level
This article presents a number of simple but effective computer self-defense techniques that will help you detect hackers who have penetrated your local network. You will learn to identify penetration traces and catch intruders using special scripts. Let’s start with…
Virtual magic. Emulation and virtualization technologies in pivoting
When you conduct pentesting audits, you rarely enjoy such luxury as admin privileges or root rights. Quite the opposite, in most situations you have to deal with antiviruses and firewalls that make it almost impossible to deliver an attack. Fortunately, emulation and virtualization magic comes…
Advanced cyberphone. Charge your mobile phone with hacker power!
In the hands of a hacker, an ordinary Android smartphone can become a formidable weapon – either on its own or in combination with other devices. But hardware is only one component of a hacker’s success: to transform a phone into a hacker tool, special software is required.
Cyberphone. Transforming an Android smartphone into a hacker tool
From a hacker’s perspective, a mobile phone is the most handy tool for computer attacks, especially for attacks that require semiphysical access and are delivered over a radio channel. In this article, I will explain how to transform an ordinary Android smartphone into a powerful hacker…
KARMAgeddon. Attacking client devices with Karma
Even if your client device isn’t connected to Wi-Fi, it still can be attacked. There is a special category of attacks called Karma that compromise client devices equipped with Wi-Fi modules. This article explains in simple terms how such attacks work.
Brute-force on-the-fly. Attacking wireless networks in a simple and effective…
Attacks on Wi-Fi are extremely diverse: your targets are both client devices and access points, which, in turn, can use various protocols and authentication methods. This article presents a simple but effective brute-forcing technique for wireless networks.
Megadrone. Assembling a long-range and jammer-resistant hacker drone
Imagine that you are sitting with your computer on an upper floor of a secure building located in the middle of a restricted zone fenced by electrified barbed wire. You feel completely safe: cameras and vigilant security personnel protect you. As of a…
Poisonous fruit. How to assemble your own Wi-Fi Pineapple and…
In sci-fi movies, hackers often use small pocket devices, smaller than a cellphone, to hack a company’s wireless network, gain access to its servers, and steal passwords. This article gives you a chance to become one of those hackers; all you need for this…
Invisible device. Penetrating into a local network with an ‘undetectable’…
Unauthorized access to someone else’s device can be gained not only through a USB port, but also via an Ethernet connection – after all, Ethernet sockets are so abundant in modern offices and public spaces. In this article, I will explain how to penetrate into…
Evil modem. Establishing a foothold in the attacked system with…
If you have direct access to the target PC, you can create a permanent and continuous communication channel with it. All you need for this is a USB modem that must be slightly modified first. In this article, I will explain in detail how…
Evil Ethernet. BadUSB-ETH attack in detail
If you have a chance to plug a specially crafted device into a USB port of the target computer, you can completely intercept its traffic, collect cookies and passwords, and hack the domain controller. The attack is delivered over Wi-Fi, and this article explains how to implement it.
VERY bad flash drive. BadUSB attack in detail
BadUSB attacks are efficient and deadly. This article explains how to deliver such an attack, describes in detail the preparation of a malicious flash drive required for it, provides code that must be written on this device, and discusses how to make Windows and Linux users plug your…
Croc-in-the-middle. Using crocodile clips to dump traffic from twisted pair…
Some people say that eavesdropping is bad. But for many security specialists, traffic sniffing is a profession, not a hobby. For some reason, it’s believed that this process requires special expensive equipment, but today, I will show how network traffic…
Cold boot attack. Dumping RAM with a USB flash drive
Even if you make an effort to protect your data, don’t attach sheets with passwords to the monitor, encrypt your hard drive, and always lock your computer before leaving it unattended, this doesn’t guarantee that your information is safe. Your RAM can…
Kung fu enumeration. Data collection in attacked systems
In penetration testing, there’s a world of difference between reconnaissance (recon) and data collection (enum). Recon involves passive actions, while enum involves active ones. During recon, you use only open sources (OSINT), and the target system is not affected in any way (i.e. all…
Infiltration and exfiltration. Data transmission techniques used in pentesting
Imagine a situation: you managed to penetrate the network perimeter and gained access to a server. This server is part of the company’s internal network, and, in theory, you could penetrate there as well. Too bad, the compromised node is in the DMZ and doesn’t have access to the Internet.…
F#ck da Antivirus! How to bypass antiviruses during pentest
Antiviruses are extremely useful tools – but not in situations when you need to remain unnoticed on an attacked network. Today, I will explain how to fool antivirus programs and avoid detection in compromised systems during penetration testing.
Persistence cheatsheet. How to establish persistence on the target host…
Once you have got a shell on the target host, the first thing you have to do is make your presence in the system ‘persistent’. In many real-life situations, you have only one RCE attempt and cannot afford to lose access due to some unexpected event.