fbpx
domain

Gerard, a did gruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attack and bring down its reputation in the market . To launch the attack process, he performed DNS footprinting to gather information about DNS servers and to identify the hosts connected in the target network. He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names, IP addresses, DNS records, and network Whois records. He further exploited this information to launch other sophisticated attack. What is the tool employed by Gerard in the above scenario?

Gerard, a did gruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attack and bring down its reputation in the market . To launch the attack process, he performed DNS footprinting to gather information about DNS servers and to identify the hosts connected in the target network. He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names, IP addresses, DNS records, and network Whois records. He further exploited this information to launch other sophisticated attack. What is the tool employed by Gerard in the above scenario?

Option 1 : Towelroot
Option 2 : Knative
Option 3 : Bluto
Option 4 : zANti

1. Towelroot

Towelroot may be a small tool (so small that it takes up just 100 kilobytes) that permits you to root your Android device in only a couple of seconds, all by installing the APK and pressing a button. Yes, you read that right: no convoluted processes during which you’ve got to attach your Android to a computer, then reset it, etc. All you’ve got to try to to is tap a button, and it’s done.

This app is developed by the favored developer and hacker Geohot, who has found vulnerabilities in Apple devices (the iPhone) and Sony (the Playstation three, to be exact). that is to say , this app comes with the best guarantee possible.

Once you’ve the appliance put in on your device, simply run it and tap the button that says ‘make it ra1n’. in just a flash , while not even having to restart, your android phone are going to be perfectly rooted.

Towelroot is currently one among the simplest alternatives that you simply can find to root your Samsung Galaxy S5 or S4. It also can root a Nexus 4 or 5, and other models, too. In short, if you would like to root a tool , this is often the simplest option.

2. Knative

Knative is a good way to induce started quickly on serverless development with Kubernetes.

Knative is an open source community project that adds components to Kubernetes for deploying, running, and managing serverless, cloud-native applications. It enables a lot of productive development with less interaction with Kubernetes’ infrastructure.

There is a large amount of knowledge out there regarding Knative, networking, and serverless deployments, and this introductory tutorial covers simply a bite-size amount of it. during this walkthrough, i’ll use Knative with Minikube to form a Knative app—a easy container that prints messages in response to a curl command or in a very web browser at a link provided by the deployment.

Knative uses custom resource definitions (CRDs), a network layer, and a service core. For this walkthrough, I used Ubuntu 18.04, Kubernetes 1.19.0, Knative 0.17.2, and Kourier 0.17.0 as the Knative networking layer, as well because the Knative command-line interface (CLI).

A CRD may be a custom resource definition within Kubernetes. A resource is associate endpoint within the Kubernetes API that stores a collection of API objects of an exact kind; for instance, the built-in pod’s resource contains a group of pod objects. this allows an growth of the Kubernetes API with new definitions. One example is that the Knative serving core, that is outlined to possess internal autoscaling and speedy deployment of pods with the proper roles and access predefined.

Kourier is an Ingress (a service to let in external network traffic) for Knative serving and a lightweight various for the Istio ingress. Its deployment consists only of an Envoy proxy and a control plane for it.

To understand the ideas during this tutorial, i recommend you’re somewhat familiar with:

  • Serverless, cloud-native applications
  • Ingress with Envoy proxies, i.e., Istio
  • DNS in Kubernetes
  • Kubernetes patching configurations
  • Custom resource definitions in Kubernetes
  • Configuring YAML files for Kubernetes
3. Bluto

Bluto has gone through a large code base change and various feature additions are added since its 1st day on the task. currently that RandomStorm has been consumed and not exists, I felt it time to maneuver the repo to a new location. therefore from this rat push forward Bluto can live here. I hope you enjoy the new Bluto.

The sophisticated attack target domain is queried for MX and NS records. Sub – domains are passively gathered via NetCraft. The target domain NS records are each queried for potential Zone Transfers. If none of them gives up their spinach, Bluto will attempt to identify if Sub Domain Wild Cards are being used. If they are not Bluto will brute force sub domain using parallel sub processing on the top 20000 of the ‘The Alexa Top 1 Million sub domains’ If Wild Cards are in place, Bluto will still Brute Force Sub Domain but using a different technique which takes roughly 4 x longer. NetCraft results are then presented individually and are then compared to the brute force results, any duplications are removed and particularly interesting results are highlighted.

Bluto now will email address enumeration supported the target domain, presently using Bing and Google search engines and gathering knowledge from the e-mail Hunter service and LinkedIn. https://haveibeenpwned.com/ is then used to determine if any email addresses are compromised. previously Bluto made a ‘Evidence Report’ on the screen, this has now been stirred off screen and into an html report.

4. zANti

zANTI™ could be a mobile penetration testing toolkit that lets security managers assess the risk level of a network with the push of a button. This simple to use mobile toolkit enables IT Security administrators to simulate an advanced attacker to spot the malicious techniques they use within the wild to compromise the corporate network.

Learn CEH & Think like hacker


This Blog Article is posted by

Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092

Contact us – www.info-savvy.com

https://g.co/kgs/ttqPpZ

Leave a Comment