I created this blog to contribute to the forensic community. Here you can read about useful tools, upcoming events and the latest in research. I hope this blog benefits all who read it.
Spear phishing is an e-mail spoofing fraud that targets a specific organization, seeking unauthorized access to confidential data. Such phishing attacks are not initiated by “random hackers” but are more likely to be performed for financial gain, trade secrets or military information.
If a hacker wishes to gain access to a database within an organization, the best way to do so will be to gain access to a database administrator's (DBA) computer.
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications (such as web browsers through breaches of browser security) that enables attackers to inject client-side script into Web pages viewed by other users.
One of the following 3 approaches can be taken to detect cross-site scripting:
Process Hacker is a free, open source process investigation and management tool for Windows. It is useful for analyzing malware, troubleshooting, and understanding how Windows works at a deeper level. Here is an overview of some Windows internals as background information for many SANS courses, and some examples of how one might analyze malware with the tool.
FBPWN is a cross-platform, Java-based Facebook profile dumper developed by the Information Security Analyst team from RISST, released under the GPL License. It dumps all the information, photos and friend list of your targets to a local folder.
How FBPwn Works?
This application is super fast and it fetches data rapidly as soon as the victim accepts requests. It will dump all victim information including username, email, friend list, photos and other info. Typically, first you create a new blank account for the purpose of the test. Then, add all the friends of the victim (to have some common friends). Choose one of the victim's friends. Afterwards, a friend request is sent to the victim’s account. As soon as the
Windows runs many processes, which may include various unknown viruses. Svchost.exe is one strange process in the Windows OS. You will find many instances of the process running under the same name. These processes consume a lot of memory and cannot be terminated, as they provide some necessary services like Windows Firewall, Windows Defender, etc.
For such situations, you can use Svchost Process Analyzer. It is a free tool that requires no installation and adds no entries to the registry.