Cracking the Maze of Advanced Persistent Threats!

Advanced Persistent Threats, as the name suggests, are advanced, persistent and deadly in nature. The ghost of APTs can affect any organization at any moment. Security specialists have to face the ordeal of cracking the never-ending maze of APTs.

Security professionals need to employ a wide range of techniques and tools in their arsenal, both automated and manual in nature, covering threat modelling, attack vectors, and the most difficult task of all: identifying the attacker. The various components include monitoring logs, analysing anomalous behaviour within the network traffic, and keeping the staff well aware and trained to face any emergency.

APTs are hard to identify and usually arrive as a zero-day attack. Identifying that you are under attack is itself hard to do, but once you have identified it, the real work of combating it and safeguarding your assets begins. The red flags of an APT attack are network exploration (also called pivoting) and data exfiltration.

Of late, APTs have challenged the best of security brains in combating them. This article identifies the processes and tools which can be used by Emergency Response Teams of organizations to strengthen their defence against APTs.

Read the full article here: InfosecInstitute

Advanced Persistent Threats – Attack and Defence

The term Advanced Persistent Threat (APT) was originally coined while nations were engaged in cyber-espionage. The same techniques are now used by cyber-criminals to steal data for monetary gain. Unlike other threats, APTs are advanced, often targeted, persistent in nature, and evasive too. APTs target particular organizations, unlike commonly found malware, which sweeps up millions of random machines. The sole intention here is to gain monetary benefit by causing damage to cyber infrastructure. This story focuses on the nature of APTs and the methodology involved in performing APT-based attacks, and covers the possible defenses against these threats.

Businesses ranging from small firms to large corporates face this growing problem. To build a fence around the organization, constant vigilance, employee awareness, and security policies aligned with the nature of APTs are necessary. Even if the defense is breached after putting in the best efforts, a remediation plan needs to be kept handy to address the situation. These attacks need a high level of skill and expertise to execute, and the attackers simply wait for the right opportunity to trigger them. The attacks are new and customized in order to breach the best of security fencing. Hardening the perimeter and the servers will reduce the spread of malicious code. Maintaining and scrutinizing the logs will allow early detection of the threat and give the extra time needed to address the situation.

The APT life cycle covers 6 phases, as enumerated below (as reported by Michael Cobb):

  1. Phase 1: Reconnaissance
  2. Phase 2: Spear phishing attacks
  3. Phase 3: Establish Presence
  4. Phase 4: Exploration and Pivoting
  5. Phase 5: Data Extraction
  6. Phase 6: Maintaining Persistence

Read the complete article here: InfosecInstitute

Pimp my Chrome

You might be wondering about the title. Let me tell you that you shall have your answer by the end of this story.

Hacking has long been considered a mysterious act of 0s and 1s that can either make you or destroy you. Along these lines, things have been simplified to a large extent since the Y2K era and the growth of web technologies. This is an effort to simplify certain things that can help you in your pen-testing cycle.

Google Chrome has the lion’s share in the worldwide browser usage statistics published by W3Schools. Close to half the world’s internet population depends on Google Chrome for browsing the World Wide Web.

Read the full story on InfosecInstitute Resources!

Threat Modeling – Finding defects early in the cycle

A proven pattern for finding defects early in your cycle saves not just money but also the time required to patch those defects. Threat modeling is a tested and proven method to meet this objective. The procedure evaluates the vulnerabilities that can potentially exist in the target under observation. The vulnerabilities may or may not exist, but assuming that they do and then proceeding with the Software Development Life Cycle is a proactive way of securing your applications.

Prioritizing the areas that need more focus in order to reduce the attack surface is the primary aim of this model. The assessment is an iterative process that comes into the picture whenever new modules are added to the application. The end result of the assessment is the security profile of the particular application under observation.

In this article, I shall explain a well-known security engineering pattern called the STRIDE model. The acronym STRIDE stands for:

  1. Spoofing
  2. Tampering
  3. Repudiation
  4. Information Disclosure
  5. Denial of Service attacks
  6. Elevation of privilege

Read it in full at InfosecInstitute.

What’s your Identity?

Identity management as a platform is an emerging branch of information security. Top vendors such as Microsoft, IBM, and Oracle have taken serious plunges into the identity management arena. In this article, we shall see what it takes to implement an identity management solution. Information security comprises various individual components that need to go hand in hand, and one of the most important of them is identity management. Be it an intrusion prevention system, a site advisor, or an anti-malware solution, each has one common requirement: the identity of the user. Identity management itself comprises various smaller components, such as LDAP authentication, Active Directory authentication, authentication chain mechanisms, one-time password transactions, Kerberos authentication, and Integrated Windows Authentication. A successful identity management solution uses all these flavors seamlessly.

Read the full article at InfosecInstitute Resources.

A prototype model for web application fingerprinting: w3 scrape

Web application fingerprinting is one of the most important aspects of the information gathering phase of ethical hacking. It allows us to narrow down the candidates instead of playing around with a large pool of possibilities. Fingerprinting simply means the identification of objects using a certain methodology; web application fingerprinting, specifically, means identifying the applications running on an HTTP server.

If you’re wondering what can be unearthed by web application fingerprinting… Continue Reading

8 Handy Tools for Your Sec-Arsenal

Here is a compilation of a few tools that we need to be aware of. The power, the performance and the capabilities of these tools are limited only by the creativity of the attacker. Let’s dig into the list. These are a few handy tools that a beginner in info-sec needs to be aware of. Other tools and their capabilities will follow in subsequent articles.


2. Metasploit


4. SET



7. w3AF

8. EXIF Viewers


For complete article refer: InfosecInstitute


Quick and Dirty Burp Suite Tutorial

Hi all,

In this article, we are going to see another powerful framework that is widely used in pen-testing. Burp Suite integrates various tools that work together effectively to help the pen-tester through the entire testing process, from the mapping phase to identifying vulnerabilities and exploiting them.

For the complete article visit:

Sneak Peek into Exploitation

It’s a well-known saying that gathering maximum information about the enemy is half the work done in defeating him. The same holds true when you are about to attack a target (a potential victim): the first step is to gather as much information as possible. Information gathering can be broadly classified into two categories – active and passive. In active reconnaissance, the attacker probes the target directly to reveal information; in passive reconnaissance, the attacker tries to extract information indirectly.

Generally an attacker seeks information about the domain name, network blocks, system architecture and system enumeration via the Internet. To gain remote access to the victim’s PC, he would also seek information about the authentication mechanisms in use. If the attack is happening from within the network, the information under siege would be network protocols, TCP and UDP services, system enumeration, and the general network topology and architecture. So the network range is usually determined first, followed by the discovery of open ports on the target. After this, the enumeration of services, users, workgroups, etc. takes place.

Full story at InfosecInstitute.

System Exploitation with Metasploit

Dear readers!!

This is another post on Metasploit and evading the Windows firewall.

Metasploit is an exploit development framework that facilitates penetration testing of IT systems. The tool initially started off as a game and was taken over by Rapid7 for maintenance and further development. The main objective of this article is to learn the basics of exploitation with Metasploit and then climb the ladder gradually to the advanced level. Metasploit is a Ruby-driven environment. It allows us to develop exploits in the Ruby language and integrate them with the existing repositories. Ruby also allows us to use the existing exploits within its file system to carry out an attack. With this in mind, let’s brush up on the key terms needed for this article.

To continue reading this article, click here.