Complete guide on cold wallets for Cryptocurrencies
Complete Guide to Cryptocurrency Wallets …
What can happen if our social media accounts, email, or other applications are stolen from us?
What should we do if we become victims of ransomware?
1. What is ransomware and what impact does it have?
In this article, we will explore how to proceed in the event that our systems have been compromised by ransomware, something that has become quite common in recent times. Ransomware is defined as a type of malicious program (malware) that encrypts the computer data of infected machines and demands a ransom payment, usually in cryptocurrencies (Bitcoin, Monero, etc.), in exchange for removing this restriction and restoring data access to the victim. A ransomware attack can result in significant financial losses for companies. If they don’t have recovery plans in place …
Anonymous Connection, Information Exfiltration, and Covering Tracks in Red Team Operations (RTO)
1. Introduction and Objectives
In this article, we will demonstrate how an attacker can exfiltrate a complete clone of a hard drive or a disk partition in a silent and professional manner, as should be done in a Red Team Operation (RTO). We will employ the same tactics, techniques, and procedures (TTPs) used by cybercriminal groups. We will not delve into the details of how an attacker can compromise a system at this level, as it is not the objective of this article (we have several articles on our blog that cover this topic). However, it’s important to note that …
Publishing a website or files on the Deep Web using a Raspberry Pi anonymously (OnionShare).
1. Introduction and Objectives
In this article, we will demonstrate how one can publish a website or a file-sharing space on the Deep Web (TOR network) using a Raspberry Pi, ensuring both security and anonymity. Throughout the project, we will encounter challenges that we must mitigate to the best of our ability while upholding the principles of security and anonymity. The main objective is to show readers how straightforward it is today for someone with basic systems knowledge to set up their own anonymous infrastructure for sharing information. Additionally, we will outline the measures to be taken in order to …
Attack Using BadUSB Devices or Rubber Ducky
1. Introduction and Objectives
In this article, we will conduct a practical study on how an organization can be compromised using a BadUSB device, whether it’s inserted into a computer by an attacker with physical access to the victim’s system or by an unsuspecting user who falls victim to deception. We will get straight to the point without spending time on explanations about the technical features of these types of hardware or preparing Arduino IDE, as this information is readily available in numerous articles from other cybersecurity companies. In this article, our focus will be on programming a BadUSB using …
Covering Tracks After an Intrusion
1. Introduction and Objectives
This phase, which is not covered in the “professional ethical hacking” cycle but is part of “Red Team Operations,” is necessary to gain a deeper understanding of the MITRE methodology used by many black/grey hats. Furthermore, it’s also valuable for those tasked with performing forensic analysis on the victim system. After the attacker has completed their intrusion into the victim system, they should erase their tracks by deleting system event log files, as well as other specific programs and services that were used for exploitation. This action makes detection and forensic analysis more challenging. During a “Red Team …
Man In The Middle (MITM): Capturing Credentials with SSLStrip2 and Delorean
Introduction and Objectives
This attack, as its name suggests, involves positioning oneself in the middle of the data transmission between the machines that make up the network and the router. Its main objective is espionage, capturing sensitive data that flows through the network, obtaining access credentials to devices and user accounts for potential privilege escalation, conducting subsequent phishing attacks by knowing the websites that organization users frequently visit, using a “remote browser” attack, among many other intriguing activities. Initially, we will use basic auditing tools to conduct an attack of this kind. These tools are “ettercap” and “Wireshark”. With “ettercap,” …
Netcat, Cryptcat, and Ncat: The Swiss Army knives of hacking.
Introduction and objectives
We are going to study the functioning and behavior of these tools, which provide the pentester with a range of opportunities in system auditing. You can download them from the following links:
In the practical exercise we are going to perform in this article, we will learn how to obtain a remote machine’s command shell by using these tools. Subsequently, we will also conduct a study of the network traffic generated using each of these tools, with the aim of understanding communication security.
Obtaining a “bind shell” in a LAN.
a) Machines used for the practice
To …