Remote Access in Ethical Hacking
Remote access is a vulnerability through which attackers can control any device. Most commonly, payloads are used for remote control. Payloads are sent through social engineering or phishing attacks. Once the payload is injected, the actual attack begins. The payload will provide a reverse connection. The Metasploit Framework is most commonly used for generating payloads. There are three different types of payload modules in the Metasploit Framework:...
Abstract Digital Forensic Model
The Abstract Digital Forensic Model (ADFM) is a tool for digital forensic investigation. This model provides a clear and structured way to proceed with particular evidence. It contains 9 phases: Identification, Preservation, Collection, Examination, Analysis, Reconstruction, Documentation, Presentation, and Returning Evidence. Because of these phases, investigators can increase the likelihood of successfully identifying and prosecuting crimes....
Colour Wheel of Cyber Security
According to NIST, the ability to protect or defend the use of cyberspace from cyber-attacks is known as cyber security. For companies, some exercises and strategies include testing an organization’s cybersecurity defenses against threats or assessing the talent of security team members; such simulated attacks can be beneficial for companies of all shapes and sizes....
What are Checksums in Wireshark?
As the name suggests, checksums are used to check and validate whether received data is correct or incorrect. For this purpose, Wireshark has a feature to verify that captured packets are original and that nothing is missing. When packets go from network to network and router to router, some data can be disturbed in transit, whether the protocol is TCP, UDP or any other, and after such a disturbance we cannot produce an exact report of the transmitted data. In the case of confidentiality, it becomes more important to check data correctness. To avoid such errors, network protocols validate and transfer a checksum, and if the same checksum is produced at the end of the captured data, the transmitted or captured data is original and correct. When Wireshark captures data over any protocol, it validates checksums based on their pre-defined algorithms....
XPath Injection
Injection attacks are the most well-known attacks used by hackers to inject code or malware into programs or to query a computer to run remote commands that can read or modify a database or modify data on a website. XPath is a query language that helps by providing relative information on how to find certain elements, such as attributes, in an XML document. XPath injection is an attack used by hackers to exploit applications that build XPath queries from user input to browse (navigate) an XML document....
Packet Diagram Pane Functions in Wireshark
Wireshark is a network analyzer tool with which you can check incoming and outgoing traffic. It is an amazing tool in which you can analyze each and every packet in detail. Every protocol has a different way of working. The Wireshark GUI is divided into 3 parts....
DOM-Based Cookie Manipulation
The browser treats cookies as DOM nodes, so it is possible to manipulate cookies through the DOM. This is commonly referred to as “DOM-based cookie manipulation”. The most common use of this technique is to delete or edit the value of a cookie. For example, deleting third-party cookies might allow somebody to bypass cross-site tracking issues by clearing a tracker’s identifier from their memory. Similarly, editing the value of a single-access token could be used to generate infinite new sessions on sites like Facebook....
What is Code Access Security?
Code Access Security is an extremely important concept and one that all ethical hackers need to know and understand. This is the way in which Windows can be configured to determine what code execution should look like: allow everything, allow only signed code, or allow only certain users to execute different code....
What is Egress Filtering?
Egress Filtering is the term for filtering data packets as they leave your network. This is usually performed on an Intrusion Prevention System or firewall that monitors traffic, either inbound or outbound, from the network. This will often be in addition to other firewall protocols such as Domain Name System Security Extensions (DNSSEC), which provides authentication for domains, and (D)TLS, which provides end-to-end encryption for most Internet websites through HTTPS traffic....
User Directed Spidering with Burp
User Directed Spidering with Burp is a great way to catch security vulnerabilities in a web application. A spider is software that goes through your website, following every link and looking for the next page it needs to visit. This means it can’t get stuck when there are loops or missing links, which is what would happen with a regular browser like IE or Chrome....
What are Banking Trojans?
A banking Trojan is a piece of malware that is used primarily to steal banking credentials by remotely installing malicious software on a victim’s computer system. Banking Trojans are tailored to specific types of computers and may use the Windows registry for installation. On the infected computer, an icon will appear on the taskbar, causing a distraction from the user’s original task in order to trick them into providing login credentials for their bank account....
Meltdown Security Vulnerability
What is the Meltdown security vulnerability? Meltdown, also known as Rogue Data Cache Load, is a security vulnerability that affects microprocessors of the types Intel x86, IBM Power, and ARM, by allowing some malicious processes to read memory, even without authorization...