Spear Phishing

Tags

, , ,

Spear phishing is an e-mail spoofing fraud that targets a specific organization, seeking unauthorized access to confidential data. Such phishing attacks are not initiated by “random hackers” but are more likely to be performed for financial gain, trade secrets or military information.

If a hacker wishes to gain access to a database within an organization, the best way to do so will be to gain access to a database administrators(DBA) computer.

Continue reading

detecting cross site scripting vulnerabilities

Tags

, , , ,

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications, such as web browsers through breaches of browser security, that enables attackers to inject client-side script into Web pages viewed by other users.

One of the following 3 approaches can be taken to detect cross site scripting :

Continue reading

windows surgery with process hacker

Tags

, , ,

Process Hacker is a free, open source, process investigation and management tool for Windows. It is useful for analyzing malware, troubleshooting, and understanding how Windows works at a deeper level. Here is an overview of some Windows internals as background information for many SANS courses, and some examples how one might analyze malware with the tool.

Continue reading

Tool to fix infected SVCHOST.EXE

Tags

, , ,

Windows runs many processes which may include various unknow viruses. Svchost.exe is one strange process in windows OS. You will find many instances of the process running under the same name. These processes consume a lot of memory and can not be terminated as they provide some necessary services like windows firewall, windows defender etc.

For such situations, you can use : Svchost Process Analyzer. It is a free tool that requires no installation and will add no entry to registry keys.

Continue reading