Defensive Security – Page 4

Metasploit Basics, Part 15: Post- Exploitation Fun (Web Cam, Microphone, Passwords and more)

December 2, 2023January 1, 2024Occupy The Web

Welcome back, my fledgling hackers! As we have progressed through this series on Metasploit Basics, we have used numerous techniques to exploit your target system including; 1. SMB Exploits (EternalBlue and MS08_067, for instance); 2. File Format (ms14-0440_sandworm, office_word_hta); 3. Browser Exploits (autopwn, Abobe Flash and numerous others); 4. Social Engineering Toolkit(SET); Custom Payloads with […]

Reverse Engineering Malware, Part 6: System Level or Behavioral Analysis

December 2, 2023January 1, 2024Occupy The Web

Welcome back, my aspiring malware analysts! In my introductory tutorials on reverse engineering malware (Part 1-5) we introduced many new concepts. Now its time to put some of those concepts to work and begin analyzing some sample malware! In Part 1 of this series, I pointed out that there are two primary ways of analyzing […]

Network Forensics, Part 1

December 1, 2023December 1, 2023Occupy The Web

Welcome back, my hacker apprentices! Network forensics is key element of most digital forensics and incident response (DFIR) investigations. When our systems have been compromised by an attacker, its up the DFIR investigator to determine the who, what, where and how of the attack. In other words, what can a DFIR investigator learn about the […]

Metasploit Basics, Part 14: Updating the msfconsole

December 1, 2023January 1, 2024Occupy The Web

Welcome back my novice hackers! Recently, I have received numerous questions regarding how to update the msfconsole built into Kali. Until recently that was an easy question to answer. You simply enter “msfupdate” at the command line. Now, Rapid7–the developers of Metasploit– have changed how we update Metasploit when it is built into an operating […]

Digital Forensics, Part 10: Mobile Forensics (Android)

November 30, 2023January 1, 2024Occupy The Web

Over the past decade or so, the growth of the mobile market has been the fastest growing segment of the IT industry. We now have portable smart phones and tablets being used throughout the consumer and business market. These add an extra challenge to the forensic investigator, but can also contain a cornucopia of information […]

Reverse Engineering Malware: Why YOU Should Study Reverse Engineering Malware

November 26, 2023September 25, 2024Occupy The Web

I am about to embark upon probably the most technically demanding tutorial series, Reverse Engineering Malware. Before I do so, I thought I would take a few moments to explain why YOU should study and invest your time into reverse engineering. Please take a moment to read the following and then, hopefully, decide whether this […]

Reverse Engineering Malware, Part 4: Windows Internals

November 26, 2023November 26, 2023Occupy The Web

Welcome back to my Reverse Engineering Malware series. In general, reverse engineering of malware is done on Windows systems. That’s because despite recent inroads by Linux and the Mac OS, Windows systems still comprise over 90% of all computing systems in the world. As such, well over 90% of malware is designed to compromise Windows […]

Reverse Engineering Malware, Part 3: IDA Pro Introduction

November 26, 2023September 25, 2024Occupy The Web

Welcome back to my Reverse Engineering Malware course! This course is designed for those of you who want to ascend to the pinnacle of Digital Forensics and Cyber Security. There are many tools available for reverse engineering, but one disassembler stands alone. Nearly everyone in this industry uses IDA Pro to some extent. IDA Pro […]

Digital Forensics, Part 9: Extracting EXIF Data from Graphics Files

November 25, 2023November 25, 2023Occupy The Web

In many cases when a computer, phone, or mobile device is seized for evidence, the system will have graphic images that might be used as evidence. Obviously, in some cases these graphic images may be the evidence such as in child pornography cases. In other situations, the graphic images may tell us something about where […]

Vault7 Reveals that Even the CIA Reverse Engineers Malware to Re-Use Code

November 20, 2023September 25, 2024Occupy The Web

The recent CIA data dump from Wikileaks named Vault7, reveals many things about the CIA’s cyber intelligence efforts. For my part, the revelation that much of the malicious code that the CIA uses to spy on foreign nationals from around the world, uses “snippets” of code from known public malware was among one of the […]

Category: Defensive Security