These previous weeks, some blog posts about OSINT were published on this website. Maybe you want to use these tips in some practical cases or exercises.
Read moreThis new post on the OSINT field will discuss usernames.
Read moreIn the OSINT field, perform good queries in search engines is very important. Search engines collect a lot of data every day and it could be very difficult and challenging to find good information.
Read moreThis second blog post on the OSINT field will talk about Facebook. Again, it is a really simple tip but very interesting.
Read moreOSINT, for Open Source INTelligence, is the process of searching for, gathering and analyzing data found from public sources. The data are accessible without breaking into any systems (hacking, phishing, etc.). Sometimes, data are behind a paywall (it is necessary to pay a monthly subscription to have access to some specific data) but a lot are easily accessible with the right tricks.
Read moreA password is like a "key" used to open a specific door or vault. In this vault, there can be different personal documents, pictures, banking information... It is obvious that a user wants its personal documents secure. If the "key", therefore the password, is easy to find, the vault can be as strong as you want, it will be easy to open it.
Read moreA tedious step for all red-teamers is set up a system to upload payloads on the victim's machine. Kuba Gretzky, the author of Evilginx, released a nice tool to simplify this task.
Read moreMost of the countries around the world are in a more or less hard lockdown. In Europe, some countries are gradually starting to allow certain sports outings, visiting family or opening certain stores. An important fear is a possible second wave of contamination. To prevent that, some governments provide a mobile application to track the virus spreading.
Read moreDuring each crisis, some people use the fear of the population to make benefit. Unfortunately, the COVID-19 crisis is not an exception. There are a lot of different scams related to COVID-19. And a place where it is easy to perform these scams is on the Internet. Globally, the methods used are the same as before the crisis, but currently, the word, Coronavirus, COVID-19,... inspire fear. Fear lowers the level of caution for a lot of people. The possibility that a phishing campaign works is greater now than a few months ago, for example.
Read moreUsually, Android applications are written in Java (or, now, in Javascript) and compiled in a Dalvik bytecode (DEX file). Then, the bytecode is interpreted and executed by the Dalvik Virtual Machine.
Read moreIn May 2019, Google announced there are 2.5 billion active Android devices. Thereby, most companies develop their own application. Not only the richest companies like Google, Facebook, Amazon,... but also a lot of smaller businesses.
Read more