Install YAWAST – The Antecedent Web Application Security Toolkit

YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors. It performs basic checks in these categories: TLS/SSL - Versions and cipher suites supported; common issues. Information Disclosure - Checks for common information leaks. Presence of Files or Directories - Checks for files or directories that could [...]

By | October 24th, 2016|Pentest|

QRLJacker – QRLJacking Exploitation Framework

QRLJacker is a python framework which is used to exploit services that rely on QR code authentication. #QRLJacker is a customizable framework to demonstrate "QRLJacking Attack Vector" and shows how easy to hijack services that relies on QR Code Authentication. Installation Installation on Windows After downloading the framework and Python: cd QrlJacking-Framework pip install -r [...]

By | October 24th, 2016|Pentest|

How to Opt-Out of Google’s New Advertising Plan

According to a report released by ProPublica today, Google quietly changed its privacy policy in the past few months, allowing its advertising system to collect data that is associated with identifiable user information. Google’s DoubleClick ads can now use information from your Gmail to serve you up ads on YouTube or your YouTube search history [...]

By | October 21st, 2016|Internet|

DDoS Attack on Dyn DNS and Level3 Outages

Twitter, Reddit, Spotify, PSN, XBox, Netflix, Github, PayPal and bunch of other websites were offline earlier today. That’s because someone conducted a massive distributed denial of service (DDoS) attack on the Dyn DNS, a world renowned Domain Name Servers (DNS) service provider. You can read the most recent status messages at DynDNS. So far there [...]

By | October 21st, 2016|Attacks, Security|

How To Patch Linux Kernel Zero Day DirtyCow Vulnerability CVE-2016-5195

A zero-day local privilege escalation vulnerability has been found in the Linux kernel that has existed since 2005, being called DirtyCow. This bug affects a large number of popular Linux distros as well as Android devices. By exploiting the DirtyCow vulnerability, any user can become root (admin) in less than 5 seconds. The vulnerability has [...]

By | October 21st, 2016|Linux, Security, System Administration, Zero-Day|

How To Backup, Restore, and Import Group Policy Objects

As a Systems Administrator, you've probably worked with Group Policy before, especially if you're in a Microsoft Windows environment. Group Policy allows you to push out settings to multiple computers on an Active Directory domain network. If you work with multiple domains, there may be a time where you want to migrate some Group Policy [...]

By | October 20th, 2016|System Administration, Windows|
Load More Posts