Mimikatz is a leading post-exploitation tool that dumps passwords from memory, as well as hashes, PINs and Kerberos tickets. Other useful attacks it enables are pass-the-hash, pass-the-ticket or building Golden Kerberos tickets. This makes post-exploitation lateral movement within...
Project Discovery Naabu: A fast port scanning tool that avoids duplicate scanning of subdomains / domains which resolve to the same IP address. Shodan: Port Scanning Search Engine Online port scanning search engines like Shodan are specialised tools that allow users to search for internet-connected ...
Shodanis a search engine for the Internet of Things(IoT) devicesand an OSINT tool that is used to uncover vulnerable and exposed devices connected to the Internet, otherwise known as smart devices. Shodan was created by John Matherly in 2009 and is considered to be the world’s first comput...
Research Tool to Find Vulnerable Connected Things Shodan is a service for finding IoT devices on the Internet. It is targeted for researchers, but can be used for all sorts of purposes from market research to finding vulnerable devices to target in attacks. It now also has a feature for find...
Metasploit is a widely used penetration testing tool that makes hacking way easier than it used to be. It has become an indispensable tool for both red team and blue team.
Generally, the ultimate target is root or administrator privileges on a machine, especially a domain controller. A common tool used for this is Metasploit, a framework that provides a streamlined process for finding and executing publicly available exploits for vulnerabilities. ...
Is penetration testing intrusive or disruptive to operations? Penetration testing can be intrusive as it involves simulating real cyber attacks on your systems. However, a well-planned and professionally conducted penetration test minimizes disruptions. Testers typically work closely with your IT team to...
Shodan(link resides outside ibm.com) – A search engine for internet-connected devices that can also provide information on metadata and open ports. Because this tool can identify security vulnerabilities for millions of devices, it can be useful to both cybersecurity professionals and cybercriminals...
This article explores what is an open port and closed port? Risks of open ports, port scanning and how to monitor. Learn more on attack surface reduction.
Social Engineering & Impersonation:The ability to exploit trust is still a powerful tool. Cybercriminals imitate the company’s IT personnel, tricking employees into divulging sensitive information or opening doors for criminals. Such an approach combines psychological hints, including confidence or urgency...