This post explains what is a DLL side-loading attack in the context of IT security. What is a DLL Side-loading Attack? A Dynamic Linked Library (DLL) is a file that is used on Windows systems to group functions. By using DLLs, common functionality can be isolated and re-usability is enabled. As DLL are particular […]
Tag Archives | attack
List of Web Server Attack Tools
List of web server attack tools metasploit Wfetch THC Hydra HULK DoS MPack w3af Among the most popular, there is metasploit and Wfetch. List of web server attack tools metasploit https://www.metasploit.com/ Wfetch https://download.cnet.com/WFetch/3000-2356_4-10735465.html THC Hydra https://www.thc.org HULK DoS https://github.com MPack https://sourceforge.net w3af http://w3af.org External references EC-Council; “CEH v10. Module 14 Hacking web servers”, […]
Tools to launch MAC Spoofing Attack
Tools to launch MAC Spoofing Attacks: Technitium MAC Address Changer Source: https://technitium.com MAC Address Changer (http://www.novirusthanks.org) Change MAC Address (https://lizardsystems.com) GhostMAC (http://ghostmac.fevermedia.ro) Spoof-Me-Now (https://sourceforge.net SpoofMAC (https://github.com Win7 MAC Address Changer SMAC One of the most popular is Technitium MAC Address Changer. Tools to launch MAC Spoofing Attacks Technitium MAC Address Changer https://technitium.com MAC Address […]
List of Web Service Attack Tools
List of web service attack tools: SoapUI Pro XMLSpy List of web service attack tools SoapUI Pro https://www.soapui.org SoapUI Pro is a web service testing tool which supports multiple protocols such as SOAP, REST, HTTP, JMS, AMF, and JDBC. Attacker can use this tool to carry out web services probing, SOAP injection, XML injection, and […]
Smurf Attack
Smurf attack, also known as ICMP Echo Request, is a distributed reflection denial of service (DRDoS). Othe examples of DRDoS are DNS poisoning and fraggle attack. Description of smurf attack Smurf attack is performed as follows: First, the malware creates a network packet attached to a false IP address representing the victim — a technique […]
Cybersecurity Attack Phases
According to EC-Council EC-Council identify in the CEH course 5 hacking phases: Reconnaissance Scanning Gaining Access Maintaining Access Clearing Tracks According to ISACA ISACA identify 8 phases in a cybersecurity generalized attack processs: Perform reconnaissance Create attack tools Deliver malicious capabilities Exploit and compromise Conduct an attack Achieve results Maintain a presence or set of […]
Common Cybersecurity Attacks
Non-exhaustive list of common Cybersecurity Attacks: Brute-force Attack Cross-Site Request Forgery (XSRF) Cross-Site Scripting (XSS) Denial of Service (DoS) Man-in-the-middle (MITM) Rogue access point Session hijacking Spoofing of data packets SQL Injection Detailed List Brute-force Attack A brute-force attack (a.k.a. brute force cracking) is the cyberattack equivalent of trying every key on your key […]
