Whatever the human mind can conceive and believe, it can achieve.

 


 

Blog Author - Founder Simon Davies (CV)

All opinions expressed in this blog are my own.

Tuesday, 16 May 2017 12:27

Protecting Against New Strains of Ransomware

The following will help you proactively protect your Business/Home systems against Ransomware, including new strains that Antivirus Solutions do not currently have signatures for and so cannot protect you against. Due to the speed at which Malware mutates it is important to realise that Antivirus Solutions alone can not…
Thursday, 18 May 2017 00:23

Why Antivirus (AV) is Ineffective

Antivirus (AV) Signature Based Detection: AV signature-based detection is flawed and can be bypassed simply by splitting a Malware binary into multiple parts, finding which part flags Antivirus and then opening this part in a Hex editor such as Hex Workshop and zeroing out the signature. Note: Occasionally this…
Sunday, 19 February 2017 23:35

Mobile Security Testing - MobSF, Drozer, Needle

I recently came across some really useful Mobile Security Frameworks (MobSF, Drozer and Needle) for testing Android, iOS and Windows Mobile apps. The MobSF Framework is also capable of "Web API Security testing with its API Fuzzer that can do Information Gathering, analyze Security Headers, identify Mobile API specific vulnerabilities…
Thursday, 09 February 2017 21:32

Installing Cuckoo - Automated Malware Analysis Tool On Fedora 25

"What is it? In three words, Cuckoo Sandbox is a malware analysis system. In other words, you can throw any suspicious file at it and in a matter of seconds Cuckoo will provide you back some detailed results outlining what such file did when executed inside an isolated environment...Cuckoo Sandbox…
Thursday, 09 February 2017 13:29

Securely Storing Sensitive Company Information On Phones/Tablets

When it comes to company phones/tablets a lot of us are guilty of using the devices for personal use. This puts company information stored on the devices at risk as employees install apps which could potentially contain malware. Regarding Android, many malicious apps have been known to bypass Google's…
Thursday, 28 July 2016 19:53

Which Secure Messaging App Should I Use?

For those of you concerned about privacy and wanting the ability to be able to communicate with friends and family without anyone having access to your conversation history, it is important to choose a secure messaging app. There are various apps out there that meet this requirement but I thought…
Thursday, 28 July 2016 19:11

Incident Response - Useful Tools

I was tasked to do an incident response job involving investigation of a hard drive. The aim was to conclude whether a certain user of the computer the hard drive was recovered from visited inappropriate websites at a specific date and time. I first made a copy of the ddrescue…
Thursday, 28 July 2016 19:03

Bypassing Antivirus software with Veil-Evasion

When performing security audits and using Metasploit's Meterpreter in order to gain shell access on a remote host we often encounter Antivirus software which will quarantine our payloads. Sometimes it is not possible for the client to disable the Antivirus software which is where Veil-Evasion enters the equation. "Veil-Evasion is a…
Thursday, 28 July 2016 18:44

Windows 7/8/10 Account Login Bypass

With physical access to the machine an attacker can bypass the Windows Login screen by simply rebooting into a bootable Linux distribution, renaming Utilman.exe to Utilman.old, creating a copy of cmd.exe and renaming the copy to Utilman.exe. The attacker would then reboot into Windows and at the login screen press…
Thursday, 28 July 2016 18:43

Hacking Android With Metasploit's Android Meterpreter

In order to hack Android we need to create an application (.apk file) that contains embedded Meterpreter functionality as well as new functions unique to the Android version of Meterpreter. We will set up a listener (handler) on the attacking machine and then install this program onto the phone/tablet and…
Thursday, 28 July 2016 18:39

Identify Malicious Internet Users Using Tor - Identifiable Information Gathering Tool

I wrote this tool as part of my final year dissertation in order to identify malicious internet users using Tor. The tool is designed to be placed on a honeypot that can be easily broken into. It is disguised as a file crypter in order to social engineer malicious internet…
Thursday, 28 July 2016 18:33

Raspberry Pi (Raspbian) Rogue Access Point (AP) Landing Page/Captive Portal

I was recently tasked to set up a rogue access point with a captive portal using a Raspberry Pi running Raspbian. To achieve this a number of packages have to be installed and configured. Below I will explain the steps I took and reference websites that I used along the…
Sunday, 17 July 2016 22:05

Web Application Penetration Testing Reference Guide

This blog post will serve as a reference guide for Web Application Penetration Testing. As Web Application Penetration Testing is a vast field it is impossible to document everything that a tester needs to know, but things that I feel worth documenting will be added. I will try to update…
Wednesday, 13 July 2016 22:45

Infrastructure Penetration Testing Reference Guide

This blog post will serve as a reference guide for Infrastructure Penetration Testing. As Infrastructure Penetration Testing is a vast field it is impossible to document everything that a tester needs to know, but things that I feel worth documenting will be added. I will try to update this blog…
Wednesday, 13 July 2016 14:29

Penetration Testing Tools Reference Guide

As a penetration tester it is important to possess an arsenal of penetration testing tools and scripts to help automate the process of vulnerability discovery. Automated tools should be run along with manual discovery and verification of vulnerabilities. Below is a list of commonly used tools and usage instructions in…
Wednesday, 13 July 2016 14:16

Installing OpenVAS 9 BETA From Source

When performing vulnerability assessments it is essential to possess a vulnerability scanner and manager to automate the process of discovering vulnerabilities on hosts based on known CVEs. OpenVAS is an Open Source, Free vulnerability scanner and manager that performs on par with Nessus based on recent comparisons that I have…