Phát hiện mã độc đào coin ẩn trong quảng cáo YouTube

Khi xem quảng cáo trên YouTube, nhiều người đã vô tình cho kẻ xấu mượn CPU trên máy tính của mình để đào coin một cách lén lút. Tiền mã hóa chắc chắn là chủ đề hot nhất hiện nay. Dễ hiểu khi nhiều website muốn kiếm tiền nhờ vào sức mạnh từ vi xử […]

Công nghệ Blockchain sẽ phát triển ra sao trong năm 2018?

Năm vừa qua thế giới đã chứng kiến sự tăng trưởng bất ngờ của các đồng tiền kỹ thuật số, đồng thời cũng thấy rõ sự bất ổn từ chúng. Góp phần rất lớn vào sự tăng trưởng mạnh mẽ của các đồng tiền kỹ thuật số song lại có tính ổn định hơn rất […]

Android Application Penetration Testing: Setting up, Certificate Installation and GoatDroid Installation

To begin with mobile application penetration testing on the Android platform, we have multiple tools available that can be easily downloaded and installed to prepare the environment testing.These tools will help us to set up a virtual device serving as a smart phone using Android and the mobile application that is installed will undergo security […]

Android Application Security Testing Guide: Part 2

In our last part of this series (Android Application Security Testing Guide: Part 1), we discussed static analysis of Android APK files on the security background, and we tried to find any sensitive information which we can collect. In this part, we will head to our second phase, i.e. Dynamic Testing. But before going further, don’t […]

Android Application Security Testing Guide: Part 1

Android is a Linux kernel mobile platform that has been popular throughout its existence on a huge variety of devices, especially mobile smartphones. Most organizations, ranging from banking to telecom companies, have also come up with their apps for Android. Just like generic web applications, these mobile applications need a pen-test exercise as a part […]

CEH_v9_Advanced Man In The Middle Framework: Xerosploit

Advanced Man In The Middle Framework      Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for testing purposes. It brings various modules that allow to realise efficient attacks, and also allows to carry out denial of service attacks and port scanning. Powered by bettercap and nmap. […]

CEH_v9_Man-In-The-Middle Attack Framework: MITMf

MITMf is a Framework for Man-In-The-Middle attacks. MITMf aims to provide a one-stop-shop for Man-In-The-Middle and network attacks while updating and improving existing attacks and techniques. Originally built to address the significant shortcomings of other tools (e.g Ettercap, Mallory), it’s been almost completely re-written from scratch to provide a modular and easily extendible framework that […]

CEH_v9_Bettercap : MITM attack for sniffing traffic and passwords

Contents Installation Sniffing Traffic Getting password We will be installing Bettercap, doing a quick sniffing exercise, and then a more detailed section on grabbing the password. Will demonstrate the password grabbing on, which seems to be particularly vulnerable to this attack. Installing bettercap Installation is simple- apt-get update apt-get dist-upgrade apt-get install bettercap The […]