Offensive Security

Attacks and offensive tools.

SQLMap : additional techniques

In a previous blog post, we have explained what SQL injection is, and how to exploit it using sqlmap. In this blog post, we will show some additional techniques: how to exploit web applications that use clean URLs, how to exploit a POSTed form, how to hide traces etc.

Web shells and the dangers of unrestricted file upload

In previous blog posts, we have already illustrated two web application vulnerabilities: brute force login cracking and SQL injection. In this post we illustrate a 3rd vulnerability, unrestricted file upload, and show how it can be exploited using a web shell.

Crack a login page : the easy way

In this blog post, we will show that a login page from a web application can be easily cracked if the application does not implement specific protections against this kind of attack.

SQL injection with SQLMap

Code injection is one of the most critical web application vulnerabilities. Indeed, the consequences of code injection can be dramatic (impact). Moreover, still today a lot of web applications are vulnerable to code injection (frequency). Finally, some tools like SQLMap allow to automatically detect and use these vulnerabilities (exploitation). For this reason, the vulnerability is listed in the top 10 published by the Open Web Application Security Project (OWASP) [1]. In this blog post, we will present one type of code injection, called SQL injection, and we will show how to perform a SQL injection attack with SQLMap.

Mitre Att&ck in Practice - Part II : Caldera

In the first part of Mitre Att&ck in Practice, the Att&ck Navigator and the Atomic Red Team were presented. The Navigator allows to interact with the Att&ck Matrix in a very flexible way. The Atomic Red Team (ART) is a collection of code snippets designed to actually carry out Techniques. The link between an Att&ck Technique and the ART is easily done via the Technique IDs.

Mitre Att&ck in Practice - Part I : Navigator & Atomic Red Team

One of our previous blog post presented the Mitre Att&ck Framework and the associated Mitre Att&ck Matrix. This post is the first of a set of three that will present how to link the Mitre Framework with open source tools to design and test offensive actions in practice.

Network reconnaissance with arp-scan

arp-scan is a simple tool that can be used list the IP addresses (and devices) used in a network. It works by sender ARP 'who-has' requests for every IP address of the subnet. If the IP address is used by a device, it will reply with an ARP 'reply' packet.

Orchestration script to simulate user activity on multiple machines thanks to the GHOSTS framework

The GHOSTS Framework is an open-source project created by Dustin Updyke, a cybersecurity researcher from the Carnegie Mellon University. It's a framework which offers a way to simulate user activity, usually for cyber awareness trainings or research in the field of cyber defense.

MITRE ATT&CK and the ATT&CK Matrix

Defining cyber attacks is a difficult task. They vary in origins, goals and, at first glance, the techniques used might seem very different. Luckily a popular model was defined by Lockheed Martin, still used to this day, which illustrates very well the lifecycle of a typical cyber attack. The Cyber Kill Chain, popular but controversial, defines the 7 principal steps of an attack. There have been many advances, since its original conception, one of which is the wildly acclaimed ATT&CK Matrix for Enterprise.

Kali Linux and Parrot Sec OS, Penetration Environment Comparison

For years, hackers have been the main characters of movies, books and generally have captured the imagination of regular folks. When we see these hackers use the tools of their trade, we usually see a black screen with green text flashing as fast as possible on the screen, lost in commands and bright flashing lights. This can't be any further from reality, as most hackers will spend hours and days on end to accomplish their tasks, usually staring at a screen, using their programs of choice.

New ways to run Kali Linux on Windows using WSL

Some time ago I wrote a blog about Installing Linux Bash Shell (and Metasploit) on Windows 10. This is great, when we want to enjoy the best of both worlds- keep using Windows, with its out-of-the-box configuration and set-up, and still be able to use the powerful tools available for the Linux distribution. In my previous blog I went through the steps necessary for setting up WSL and installing an Ubuntu and Kali Linux distribution. Since then, a lot of advancements have been made to facilitate the use of these distributions for Windows Users.

Running and Imaging with FTK Imager from a flash device

In the process of analyzing a suspicious machine, the first thing we need to do is to actually image the machine we want to investigate. There are different tools available to do this, but the one I most often use is FTK Imager by AccessData. The FTK Imager tool is easy to use and more importantly, there is a free version.

This website uses cookies. More information about the use of cookies is available in the cookies policy.