browser

Scenaro : 1. Victim opens the attacker’s web site. 2. Attacker sets up a web site which contain interesting and attractive content like ‘Do you want to make $1000 in a day? 3. Victim clicks to the interesting and attractive content URL. 4. Attacker creates a transparent ‘iframe’ in front of the URL which the victim attempts to click, so the victim thinks that he/she clicks on the ‘Do you want to make $1000 in a day?’ URL but actually he/she clicks on the content or URL that exists in the transparent ‘iframe’ which is setup by the attacker. What is the name of the attack which is mentioned in the scenario?

Scenaro : 1. Victim opens the attacker’s web site. 2. Attacker sets up a web site which contain interesting and attractive content like ‘Do you want to make $1000 in a day? 3. Victim clicks to the interesting and attractive content URL. 4. Attacker creates a transparent ‘iframe’ in front of the URL which the victim attempts to click, so the victim thinks that he/she clicks on the ‘Do you want to make $1000 in …

Scenaro : 1. Victim opens the attacker’s web site. 2. Attacker sets up a web site which contain interesting and attractive content like ‘Do you want to make $1000 in a day? 3. Victim clicks to the interesting and attractive content URL. 4. Attacker creates a transparent ‘iframe’ in front of the URL which the victim attempts to click, so the victim thinks that he/she clicks on the ‘Do you want to make $1000 in a day?’ URL but actually he/she clicks on the content or URL that exists in the transparent ‘iframe’ which is setup by the attacker. What is the name of the attack which is mentioned in the scenario? Read More »

session ID

Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session ID to the target employee. The session ID links the target employee to Boney’s account page without disclosing any information to the victim. When the target employee click on the link, all the sensitive payment details entered in a form are linked to Boney’s account. What is the attack performed by Boney in the above scenario?

Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session ID to the target employee. The session ID link the target employee to Boney ‘s account page without disclosing any information to the victim. When the target employee click on the link, all …

Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session ID to the target employee. The session ID links the target employee to Boney’s account page without disclosing any information to the victim. When the target employee click on the link, all the sensitive payment details entered in a form are linked to Boney’s account. What is the attack performed by Boney in the above scenario? Read More »

NetBIOS

Allen, a professional pen tester, was hired by XpertTech solution to perform an attack simulation aon the organization’s network resources. To perform the attack, he look advantage of the NetBIOS API and targeted the NetBIOS service. By enumerating NetBIOS, he found that port 139 was open and could see the resources that could be accessed or viewed on a remote system. He came across many NetBIOS codes during enumeration. Identify the NetBIOS code used for obtaining the messenger service running for the logged-in user?

Allen, a professional pen tester, was hired by XpertTech solution to perform an attack simulation on the organization’s network resources. To perform the attack, he look advantage of the NetBIOS API and targeted the NetBIOS service. By enumerating NetBIOS, he found that port 139 was open and could see the resources that could be accessed or viewed on a remote system. He came across many NetBIOS codes during enumeration. Identify the NetBIOS code used for …

Allen, a professional pen tester, was hired by XpertTech solution to perform an attack simulation aon the organization’s network resources. To perform the attack, he look advantage of the NetBIOS API and targeted the NetBIOS service. By enumerating NetBIOS, he found that port 139 was open and could see the resources that could be accessed or viewed on a remote system. He came across many NetBIOS codes during enumeration. Identify the NetBIOS code used for obtaining the messenger service running for the logged-in user? Read More »

port

What is the port to block first in case you are suspicious that an IoT device has been compromised?

What is the port to block first in case you are suspicious that an IoT device has been compromised? Option 1 : 443 Option 2 : 22 Option 3 : 80 Option 4 : 48101 1. 443 You can perceive Port 443 as an online browsing port wont to secure browser communication or HTTPS services. It will offer coding and transport over secure ports. Thus, the information you transfer across such connections are extremely proof …

What is the port to block first in case you are suspicious that an IoT device has been compromised? Read More »

network users

The network users are complaining because their system are slowing down. Further, every time they attempt to go a website, they receive a series of pop-ups with advertisements. What types of malware have the system been infected with?

The network users are complaining because their system are slowing down. Further, every time they attempt to go a website, they receive a series of pop-ups with advertisements. What types of malware have the system been infected with? Option 1 : Virus Option 2 : Spyware Option 3 : Trojan Option 4 : Adware 1. Virus The malware of a trojan horse, very like a grippe virus, is meant to spread from host to host …

The network users are complaining because their system are slowing down. Further, every time they attempt to go a website, they receive a series of pop-ups with advertisements. What types of malware have the system been infected with? Read More »

What is Malware Forensic

What is Malware Forensics?

The genesis of computer viruses started in early 1980s when some researchers came up with self-replicating computer programs. In 1984 Dr. Cohen provided a definition for computer viruses saying, “A virus is program that’s ready to infect other programs by modifying them to incorporate a possibly evolved copy of itself”. This definition is predicated on the behavior of programs of that period, was appropriate. However, overtime viruses have evolved into dozens of various categories and …

What is Malware Forensics? Read More »

Forensic Investigation Tools

FREE Forensic Investigation Tools for IT Security Expert

View Original Tools are the administrator’s best friend; using the proper tool always helps you to maneuver things faster and cause you to productive. Forensic investigation is usually challenging as you’ll gather all the knowledge you’ll for the evidence and mitigation plan. Here are a number of the pc forensic investigator tools you’d need. Most of them are free! Autopsy Autopsy may be a GUI-based open source digital forensic program to research hard drives and …

FREE Forensic Investigation Tools for IT Security Expert Read More »

Overview-of-TCP_IP-Applications

Overview of TCP/IP Applications

Overview of TCP/IP Applications the whole goal of building an enterprise network, or connecting alittle home or office network to the web , is to use applications like web browsing, text messaging, email, file downloads, voice, and video. This section examines one particular application—web browsing using Hypertext Transfer Protocol (HTTP). the world Wide Web (WWW) consists of all the Internet-connected web servers within the world, plus all Internet-connected hosts with web browsers. Web servers, which …

Overview of TCP/IP Applications Read More »