Fuzzing is all the rage. It is broadly used today by programmers testing their products, cybersecurity researchers, and, of course, hackers. The use of fuzzers requires a good understanding of their work principles. These top-notch tools make it possible to identify previously unknown vulnerabilities in various applications. In this article, I will address different fuzzing types and show how to use one of them, WinAFL.
No doubt, the Tor browser is an essential privacy protection tool. However, Tor alone cannot cover you up and hide your traces. To stay undercover, you need Tails. Tails is a security-focused, Debian-based Linux distribution made to ensure your privacy and anonymity. Tails on a portable flash drive can fully protect you from tracking; furthermore, your privacy won’t be compromised even if your residence is searched!
Remote access to Web cameras and security cameras is a common hacking technique. It does not require any special software or even special skills. All you need is a Web browser and a few simple manipulations. In other words, you may gain access to thousands of electronic eyes around the world if you know how to find their IP addresses and exploit their vulnerabilities.
One day, GS Labs research and development center launched a project to identify possible bugs and vulnerabilities in its systems. However, the tested device chosen to run the application was pretty tricky: no way to install the root and no Ethernet connection. The only available communication methods were Wi-Fi and a remote control with a few buttons – so, who knows what’s going to be transferred via Wi-Fi? Hackers do not like uncertainty. Hackers like certainty. I had a couple of ESP32-based debug boards at home (the ESP32-PICO-KIT), and decided to build a Wi-Fi sniffer with the potential to be upgraded to a Bluetooth sniffer.
So you’ve got that flashy new high-tech gadget. It could be a smart home controller or a top-notch interactive media streaming box – the one that can tune in to thousands of channels from all over the world and make an espresso during commercial breaks. But how to find out what this gadget is doing behind your back?
This article is dedicated to some of the most popular and, more importantly, working post-exploitation utilities for Linux servers. You are about to learn how to manipulate the system, gain root access, or steal valuable data right away. Learn what to do after penetrating protected corporate perimeters, bypassing dozens of detection systems and honeypots, or even getting physical access to the target system. Expand your possibilities and become a super-user!
In March 2019, the National Security Agency of the US Department of Defense (NSA) has published Ghidra, a free reverse engineering toolkit. A couple of years ago, I had read about it on WikiLeaks and was eager to lay hands on the software used by the NSA for reverse engineering. Now the time has come to satisfy our curiosity and compare Ghidra with other tools.