Sunday, April 30, 2017

Web Application Penetration Testing Checklist – A Detailed Cheat Sheet

Web application penetration testing is a method of identifying, analyzing and reporting the vulnerabilities that exist in the target web application, including buffer overflow, input validation, code execution, authentication bypass, SQL injection, CSRF and cross-site scripting.
Repeatable testing that follows a series of methods is one of the best ways to conduct penetration testing for all kinds of web application vulnerabilities.

Saturday, April 29, 2017

Millions of Smartphones are Vulnerable to inject Backdoor via open Ports

Recent research by a University of Michigan research team revealed that open ports create backdoors in millions of smartphones. The vulnerability exists in poorly secured server software that serves remote clients.

Many smartphones use open ports, a feature found mostly on traditional servers, where a port is the communication endpoint for accepting incoming connections.
If these open-port families are not well protected, most of the ports directly enable a number of serious remote exploits.

Friday, April 28, 2017

Running OSX relatively safe? New Malware strains targeting all versions of MacOSX clients

People often assume that if you’re running OSX, you’re highly secure from malware. But that is becoming less and less true, as evidenced by a brand new strain of malware encountered by the Check Point research team.

The malware strain discovered by Check Point researchers targets OSX users, mostly in European countries.
For instance, one phishing message was found to target a person in Germany by baiting the user with a message regarding supposed inconsistencies in their tax returns (see image, and translation, below).

XSSer automated framework to detect, exploit and report XSS vulnerabilities

XSS is a very commonly exploited vulnerability type which is very widely spread and easily detectable.
An attacker can inject untrusted snippets of JavaScript into your application without validation. This JavaScript is then executed by the victim who is visiting the target site.
Cross Site “Scripter” (aka XSSer) is an automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.

Nearly 2 Million Android User Attacked by “FalseGuide” Malware in Google Play Store – Beware

A new malware called “FalseGuide” attacked Google Play Store users, infecting nearly 2 million Android users, along with five additional apps, and hid itself in the Play Store for almost 5 months, since Nov 2016.

At an earlier stage this malware reached over 50,000 installations and was hidden in 40 guide apps for games.
The “FalseGuide” malware was developed by the Russian “Анатолий Хмеленко” (Anatoly Khmelenko), who especially targets game downloaders in the Google Play Store.

A new IoT Botnet is Spreading over HTTP Port 81 and Exploit the Vulnerability in Security Cameras

A new IoT botnet has been discovered that scans the entire Internet and exploits a vulnerability in many security cameras, with 50k live scanner IPs daily.
The findings reveal that it is very active on the Internet and is rapidly increasing its live scanning.
A month earlier, researcher Kim found the vulnerability in OEM cameras, involving more than 1,250 different camera manufacturers, and estimated that more than 185,000 devices are vulnerable to RCE (Remote Code Execution) attack.

Tuesday, April 25, 2017

Skipfish | Web application security scanner

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes.
The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.

Critical Microsoft Edge Vulnerability leads to Bypass the Password and Cookie Theft – Still Not Yet Patched

A critical Microsoft Edge vulnerability that allows cookies and passwords to be stolen was revealed by recent research with PoCs (proofs of concept). The vulnerability is a bypass of the Same Origin Policy (SOP).
It exposes the victim's cookies when they are forced to access a malicious URL in the Microsoft Edge browser.
The vulnerability was tested against a Twitter account by tweeting a malicious URL and tricking an account holder with an active Twitter session into clicking the link.

200 Unique Android Apps Discovered with Backdoor Called “MilkyDoor” Downloaded by Nearly 1 Million Users – An Enterprise Risk

An Android backdoor called MilkyDoor was found in more than 200 apps in the Play Store, with nearly 1 million downloads.

According to the Trend Micro report, MilkyDoor provides attackers a way to conduct reconnaissance and access an enterprise’s vulnerable services by setting up SOCKS proxies.
Android threats have been increasing rapidly in recent days, especially those targeting Google Play Store apps. While MilkyDoor seems, by all accounts, to be DressCode’s successor, MilkyDoor includes a couple of malicious traps of its own.

Mass Scan Revealed More Than 30000 Windows Computers Infected by NSA backdoor DoublePulsar

A recent mass scan revealed that more than 30000 Windows machines are infected with the National Security Agency backdoor DOUBLEPULSAR. DOUBLEPULSAR is one of the NSA hacking tools leaked last Friday by the Shadow Brokers.

The mass scan was performed over the course of recent days by security researchers from Binary Edge, a security firm headquartered in Switzerland.

Wednesday, April 19, 2017

Creating and Analyzing a Malicious PDF File with PDF-Parser Tool

This tool parses a PDF document to identify the fundamental elements used in the analyzed file. It will not render a PDF document.

The stats option shows statistics of the objects found in the PDF document. Use this to identify PDF documents with unusual/unexpected objects, or to classify PDF documents.
The search option searches for a string in indirect objects (not inside the stream of indirect objects). The search is not case-sensitive and is susceptible to obfuscation techniques.
The filter option applies the filter(s) to the stream, whereas the raw option makes pdf-parser output raw data.

Banking malware with screen locking capabilities targeting all versions of Android

Android users were the target of another banking malware with screen locking capabilities, masquerading as a flashlight application on Google Play.
Unlike other banking trojans with a static set of targeted banking applications, this trojan can dynamically change its functionality.
The trojan, detected by ESET as Trojan.Android/Charger.B, was added to Google Play on March 30.

Tuesday, April 18, 2017

Sophisticated Android Based Banking Trojan “BankBot” Reach Play Store Which Avoid Detection by Google Security Scanner

A trojan that specifically targets Android has made its way into the Google Play Store, making it harder for the Google security team to find this malware, “Android.BankBot.149.origin”.
According to Dr.Web, once this malware reaches an Android device, it forces the user to grant it admin privileges and also deletes its icon from the home screen.
Its sophisticated code makes the malware act as a non-malicious application when a scanner tries to detect it.

Network Reconnaissance to get Target Subdomains and IP’s with Recon-ng & Netcraft

Recon-ng is an advanced web reconnaissance tool written in Python. It is an effective tool in which open source web-based reconnaissance can be conducted quickly and thoroughly.
Recon-ng is a complete framework and makes it easy for even the newest of Python developers to contribute. Every module is a subclass of the “module” class.
The “module” class is a customized “cmd” interpreter equipped with built-in functionality that provides simple interfaces to common tasks such as standardizing output, interacting with the database, making web requests, and managing API keys.

Google strengthen it’s defence against Ransomware to Attack Android

Ransomware for Android, or any mobile platform, has been generally uncommon. The threat has mostly been confined to Windows desktops, where it has flourished with rapid development cycles of new features and capabilities.
At the recent Kaspersky Lab Security Analyst Summit, Google pulled back the curtain on how it has curtailed ransomware on Android with a blend of deprecated APIs and rollbacks of certain functionality that had outlived its usefulness to users yet still drew the attention of attackers.

Saturday, April 15, 2017

Cloud Computing Penetration Testing Checklist and Important Considerations

Cloud penetration testing is a method of actively checking and examining a cloud system by simulating an attack from malicious code.

Cloud computing is a shared responsibility between the cloud provider and the client who obtains the service from the provider.

Because of the impact on the infrastructure, penetration testing is not allowed in a SaaS environment.

Cloud penetration testing is allowed in PaaS and IaaS with some required coordination.

Read More at GBHackers ON Security

Employees Actively Seeking Ways to Bypass Corporate Security Protocols in 95 % of Enterprises – An Intelligence Report

A recent threat intelligence report by Dtex Systems says that the most significant security risks are caused by a company's own employees, who have access to corporate endpoints, data and applications; this accounts for around 95% of the threat.

Among the most alarming discoveries from the security assessments done by Dtex Systems was that 95 percent of assessments revealed employees were actively researching, installing or executing security or vulnerability testing tools in attempts to bypass corporate security.


Many New Apps Injected with Banking Malware found in Google Play Store

Security researcher Niels Croese found new banking malware on Google Play that has numerous new banking application targets in its configuration.

Judging by the names of the activities and other manifest items, it appeared to be an ordinary application with embedded malware.

“Apparently, the app was updated recently (April 8, 2017) and this was most likely when the malware was added. I reported the app through their reporting system but at the time of writing it is still available on Google Play,” the researcher said.


Friday, April 14, 2017

WordPress plugin Giant BestWebSoft’s 53+ Plugins Vulnerable to Multiple Cross Site Scripting (XSS)

Recent security audits reveal that many plugins from WordPress plugin provider BestWebSoft are vulnerable to multiple Cross-Site Scripting (XSS) issues. The flaw was discovered by Neven Biruski with the DefenseCode ThunderScan source code security analyzer.

The vulnerability is present in more than 50 BestWebSoft plugins that were published on the wordpress.org web site.

Wednesday, April 12, 2017

OWASP TOP 10 – 2017 out for public comments

The OWASP Top 10 concentrates on identifying the most serious risks across a wide range of attacks.
The OWASP Top 10 for 2017 is based primarily on 11 large datasets from firms that specialize in application security, including 8 consulting companies and 3 product vendors.

  1. (A4) Insecure Direct Object References and (A7) Missing Function Level Access Control have been combined into 2017 (A4) Broken Access Control.
  2. 2013-A10: Unvalidated Redirects and Forwards was dropped, as its prevalence is very low.
  3. (A7) Insufficient Attack Protection was added in 2017.
  4. Underprotected APIs was added in 2017, considering the growth of modern applications.

Smartphone Sensors can Spying your Mobile and Reveal PINs and Passwords by Tracking your Motion

Security experts reveal that smartphone sensors can be used by cyber criminals to spy on your mobile phone and steal PINs and passwords. The technique mostly relies on installed malicious apps, which can capture the user's movements through the motion sensors.

Security experts from Newcastle University explained that, by analysing the movement of the device as we type in information, they have shown it is possible to crack four-digit PINs with a 70% accuracy on the first guess – 100% by the fifth guess – using just the data collected via the phone’s numerous internal sensors.t the additional risks posed by personal fitness trackers which are linked up to our online profiles


Sunday, April 9, 2017

Mobile spyware that steal Twitter credentials uses sandbox to Evade antivirus detections

Security experts from Avast came across malware that uses a sandbox (DroidPlugin) to dynamically load and run an app without actually installing it, just like VirtualApp.
This makes it harder for antivirus solutions to recognize the malware, as its malicious parts are not stored in the host application.
The malware is spread through evergreen social engineering tactics and is meant to steal users’ Twitter credentials.
Avast said the malware disguises itself as Wandoujia, a well-known Android application store in China.
Interestingly, the malware developer submitted an issue to DroidPlugin to report an out-of-memory problem around the time the new variant was released.

New Zero Day Attack Discovered in MS Word Document Uses to Hack your PC – Still Not yet Patched

MS Word documents are one of the main vectors for easily spreading macro viruses to victims. An undisclosed vulnerability has been discovered in Microsoft Office RTF (Rich Text Format) documents.
FireEye security researchers said this vulnerability allows a malicious actor to execute a Visual Basic script when the user opens a document containing an embedded exploit. The vulnerability is a Windows Object Linking and Embedding (OLE) based attack.
Payloads from different well-known malware families are downloaded and executed by Office documents exploiting the vulnerability.

Saturday, April 8, 2017

SN1PER – A Detailed Explanation of Most Advanced Automated Information Gathering & Penetration Testing Tool

Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. It is a tool to automate the process of collecting data for exploration and penetration testing.
In its work Sn1per uses well-known tools such as: amap, arachni, cisco-torch, dnsenum, enum4linux, golismero, hydra, metasploit-framework, nbtscan, nmap, smtp-user-enum, sqlmap, sslscan, theharvester, w3af, wapiti, whatweb, whois, nikto, wpscan.


Friday, April 7, 2017

XSSight – Automated XSS Scanner And Payload Injector


What is XSS(Cross Site Scripting)?

An attacker can inject untrusted snippets of JavaScript into your application without validation. This JavaScript is then executed by the victim who is visiting the target site.
XSS is classified into three types: Reflected XSS, Stored XSS and DOM-Based XSS.

XSSight – XSS Scanner

To find XSS, many well-known tools are available, such as Burp, ZAP, Vega and Nikto. Today we discuss XSSight, powered by Team Ultimate.
You can clone the tool from Github.

Permanent Denial-of-Service attack with IOT devices-BrickerBot

PDoS is an attack that harms a system so severely that it requires replacement or reinstallation of hardware. By exploiting security flaws or misconfigurations, PDoS can destroy the firmware or potentially the functions of a system.

According to analysis from Radware’s honeypot, around 1,895 PDoS attempts were recorded from the malware strain BrickerBot, from several locations around the globe.

It compromises only Linux/BusyBox-based IoT devices that have their Telnet port open and exposed publicly on the Internet.

The attack is classified into two stages.
  • BrickerBot.1  –  short-lived bot.
  • BrickerBot.2  –  Bot that initiates PDoS attempts.

Thursday, April 6, 2017

KickThemOut -Tools to kick devices out of your network and enjoy all the bandwidth

KickThemOut is a tool to kick devices off your network and enjoy all the bandwidth for yourself. It lets you select specific or all devices and ARP spoof them off your local area network.

Goal

That is difficult when your brother, sister, mother, father and everyone else are connected to your network with all of their devices.
KickThemOut ARP spoofs devices in your local area network to kill their Internet connectivity, thereby letting you enjoy all the network bandwidth for yourself.

Mobile apps of seven larger banks in India affected with Malware – Still not yet fixed

The mobile apps of seven large banks in India are infected with malware capable of stealing financial information, US-based digital security firm FireEye revealed.
In India, we have seen financially motivated cyber-criminal groups launching sophisticated attacks to steal funds from many potential sources: organizations, consumers, ATMs and banks.
“As India’s digital payment systems handle more transactions, they will become more lucrative targets,” Vishal Raman, India Head at FireEye told BusinessLine.
According to US-based digital security firm FireEye, banking network frauds have spread all over the world. The firm has tracked such incidents affecting banks in Ukraine, Ecuador and India, with losses totaling more than $100 million.

Wednesday, April 5, 2017

A Highly Sophisticated Victim’s Activities Monitoring Android Spyware “Notorious Pegasus” Discovered

Notorious surveillance software, the Pegasus Android spyware, has been found that monitors all of the victim's activities, including taking screenshots, capturing audio, using the camera, reading the contact list, keystroke logging, reading email and pulling data from the user's Android phone.
Google and the Lookout Security Intelligence team discovered this Pegasus malware and explained that it existed as an Android application (APK) that compromised the device to install its malicious payload.
Google said this Pegasus spyware was originally created by NSO Group. According to news reports, NSO Group sells weaponized software that targets mobile phones to governments.

A Fileless Malware Called “ATMitch” Attack The ATM machines Remotely and Delete The Attack Evidence

The fileless malware “ATMitch”, discovered by researchers from Kaspersky Lab, accesses ATMs remotely, giving attackers the ability to dispense money “at any time, at the touch of a button.”
Attackers installed the malware on ATMs through the machines’ remote administration modules, which gave them the ability to execute commands such as arranging the quantity of bills inside a machine or dispensing cash.
The malware behaves in some interesting ways once it is on the ATM. During the attack, the criminals were able to gain control of the ATMs and upload malware to them.

Risk with Steganography and Importance of running Steganalysis with Network Systems

Trustwave security experts worked through a detailed scenario to show the importance of running steganalysis on network systems.
In the scenario they consider an employee who has some confidential documents on his computer; if he sells them to another company, he risks the consequences.
So he looks for an alternative way: using steganography methods, he may be able to hide the document within an image to bypass data loss prevention (DLP) filters and some other security tools.

Saturday, April 1, 2017

Most important considerations with Malware Analysis Cheats And Tools list

This procedure involves extraction and examination of different binary components and static behavioral inferences of an executable, such as API headers, referenced DLLs, PE sections and other such resources, without executing the samples.

Any deviation from the normal results is recorded in the static analysis results and the verdict is given accordingly. Static analysis is done without executing the malware, whereas dynamic analysis is carried out by executing the malware in a controlled environment.
