Down In The Weeds With sqlmap

| 0 comments

Here I plan to take a look at sqlmap and the capabilities that it provides in order to identify weakness in security so that this weakness can be addressed before a breach occurs. The tool sqlmap, like many tools, can both be used for good and bad depending upon the role of the individual. I approach this tool as a mechanism to perform penetration testing in order to uncover the vulnerabilities that otherwise may go unnoticed. If you are not sure what sqlmap is the best way I can define this tool is that it is an open source penetration …

Continue reading

Hacking 103: Attacking Servers And Services With Hydra

| 0 comments

Now that I have covered Hacking 101: Footprinting Using Nothing But A Web Browser and Hacking 102: Active Footprinting With Nmap it is time to move into a physical attack upon the servers and servers that we have found in the course of investigation. There are a number of tools available in Kali Linux which include Medusa and Ncrack, but for the purposes of this article will will be using Hydra which is a very fast network logon cracker which support many different services. In this article we will take a look at the following attacks which are FTP and …

Continue reading

Hacking 102: Active Footprinting With Nmap

| 0 comments

This article is a followup of Hacking 101: Footprinting Using Nothing But A Web Browser which served as an introduction to passive footprinting. There are a number of tools that you can use both on a Windows and Linux platform and I prefer to use the Backtrack Linux distro for penetration testers, more specifically I will be using Kali Linux. If Linux is not your cup of tea then you can give the following tools a look and pick and choose what you need. Wireshark which open source multi-platform network protocol analyzer. It allows you to examine data from a …

Continue reading

Ways To Protect Your Identity On The Internet

| 0 comments

At the time of this article I have an IP Address of 89.239.207.81 and I would ask you if you have any idea where my Internet Service Provider (ISP) resides? I live in the United States and at this moment my Internet connection is coming from Denmark. As demonstrated from the Google Map, I am clearly sitting  in Havdrup, Denmark however this is not true, well at least physically. My internet connection resides in Denmark why my physical location is within the United States. Here is the detailed information: IP Address: 89.239.207.81* City: Havdrup State: 20 Country: Denmark Latitude: 55.5333 …

Continue reading

Website Mirroring Using GNU Wget

| 0 comments

GNU Wget is a free software package for retrieving files using HTTP, HTTPS, and FTP – the most widely-used Internet protocols. It is a non-interactive command-line tool, so it may easily be called from scripts, cron jobs, terminals without X-Windows support, etc. Why would you want to use this application? The fact is the black hats often use this to mirror a given site in order to review the content for anything that may be of value. This concept falls into the area of information gathering. So you may be asking your what possibly could be of value that a …

Continue reading

Microsoft Assessment and Planning Toolkit Explained

| 0 comments

What does the MAP toolkit do? The Microsoft Assessment and Planning (MAP) Toolkit 8.0 is an inventory, assessment, and reporting tool that helps you assess your current IT infrastructure and determine the right Microsoft technologies for your IT needs. The MAP toolkit uses Windows Management Instrumentation (WMI), Active Directory Domain Services (AD DS), SMS Provider, and other technologies to collect data in your environment and inventories computer hardware, software, and operating systems in small or large IT environments without installing any agent software on the target computers. The download is free, but it has a laundry list of prerequisites: .Net …

Continue reading