HackDig : Dig high-quality web security articles for hacker

UNIX and Linux setUID advice and guidance

It is a topic that often comes up on client engagements, usually when running structured build reviews of Linux “gold builds”, but occasionally when trying to explain in detail how we used a Linux system to pivot internally. SetUID and setGID files are inevitably a risk, potentially allowing attackers to elevate privileges to root from a basic us
Publish At:2017-10-27 17:20 | Read:3954 | Comments:0 | Tags:Blog AIX analysis auditing blueteam FreeBSD Linux root Solar

A study in scarlet

In the modern age, where computers are used for nearly everything we do, the damage that can be caused to a company by cyber-attacks is substantial, with companies losing millions in regulatory fines, compensation and declining share prices. While some of these breaches have been caused by vulnerabilities within the target company’s infrastructure/soft
Publish At:2017-10-27 17:20 | Read:3557 | Comments:0 | Tags:Blog analysis blueteam phishing redteam

Hindering Lateral Movement

Lateral Movement is a method used by attackers (or malware) against a network Domain. After an initial device is compromised (typically, a user’s workstation), the attacker extracts passwords from memory, or obtains encrypted password hashes from the system for cracking or direct use (i.e. Pass the Hash). The attacker then attempts to login to other sy
Publish At:2017-10-27 17:20 | Read:3169 | Comments:0 | Tags:Blog auditing blueteam redteam training Windows

Sandbox detection: Pafish overview

Here at Portcullis, we are frequently involved in “red team” exercises, which means we subject an organisation’s information security systems to rigorous testing and analysis. The opposite of a red team is a “blue team”. A blue team attempts to identify and stop the red team from compromising systems. One of the techniques used
Publish At:2016-11-20 02:20 | Read:4193 | Comments:0 | Tags:Blog analysis blueteam redteam

Locating SAT based C&Cs

Recently, Kaspersky published a research about how a russian APT group use hijacked satellite links to anonymise their malware command-and-control (C&C) servers (Satellite Turla: APT Command and Control in the Sky). As they say in their blog post, I researched and published how to abuse satellite DVB-S/2 internet communications, the technique used during
Publish At:2015-10-29 00:10 | Read:6429 | Comments:0 | Tags:Blog BlackHat blueteam MiTM routing satellite seaairandland

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud