Hey, It’s been a busy month for me and I was not able to save time to write the final part of the series on Malware Development. But I am receiving too many DMs on Twitter accounts lately to publish the final part. So here we are. If you are reading this blog, I am […]
Recap In the previous post, we wrote a simple CMD Reverse Shell over TCP. However, in a real-life scenario, things would be pretty different. In this post, we will be focusing on Evading Antivirus and covering the following topics: Creating a Simulated Environment using Windows Active Directory, DNS, Proxy and Firewall. Writing C/C++ code for […]
The Prologue This is my reposting of the blog series I wrote here at ScriptDotSh If you haven’t watched the videos yet, here are my links to both the antivirus evasions I performed: 1. Windows Cloud ML Defender Evasion 2. Kaspersky AV Evasion Besides the above two, I was also able to evade the Symantec […]
by Bhushan Shah, NII Consulting The index.dat is a file which contains the list of the websites that one has visited. It comes from “indexing” which is used to speed up query responses. The autocomplete feature in Internet Explorer compares the addresses to the index.dat to find an appropriate match. The size and life of […]
Securing your passwords against Rainbow Table Attacks By Bhushan Shah, NII Consulting In the previous article we looked at the Rainbow Tables and how it can crack windows passwords in a matter of seconds. In this article we will look at different ways to add complexity to the passwords and protocols to secure your system […]
By Chetan Gupta, NII Consulting In my previous article on Userassist, I had mentioned how UserAssist records user access of specific objects on the system and how it would greatly aid forensic investigations. Although, I had shown how to decrypt the keys, the important thing that was missing was how to interpret the 16 bytes […]
Penetration Testing Fyodor’s back with his top 100 security tools for 2006. One of the most significant, but not surprising, entries is that of Metasploit Framework at #5 on the list. Since the launch of the 2.0 series, Metasploit has become one of the most popular security tools out there. The 3.0 series is a […]
By Chetan Gupta, NII Consulting A supposedly nightmarish tool for the investigator community! Recently this tool was released at the metasploit anti-forensics site and is available here. Like the website mentions, this tool can be a headche for any forensic investigator and a handy tool for any mischevious since it has the ability to change […]
