Welcome back my fellow hackers! Today we're going to be beginning to cover a post-exploitation framework named Empire. … [Read More...]
Featured Articles
Python SMTP User Enumeration for Penetration Testing
Welcome back my fellow hackers! I was thinking recently, and came to the realization that we haven't really been cooking … [Read More...]
What is a Pentest? – Simplified Guide
What is a penetration test? A penetration test, or a pentest for short, is an authorized simulated cyber attack against … [Read More...]
Latest Blog Updates
Loading...PowerShell Empire for Post-Exploitation
Welcome back my fellow hackers! Today we're going to be beginning to cover a post-exploitation framework named Empire. Empire implements Windows PowerShell in order to manipulate the infected host. Empire also encrypts the traffic between the C&C server and the host, providing secure C2 communications. To introduce us to PowerShell Empire, we'll be using some of its modules to gain privileged access to a Windows 7 Pro VM. To accomplish this, we'll generate a malicious HTA that will allow us to gain initial access, which we'll then follow up with a bypass UAC, giving us privileged access. Once we've … [Read More...]
The Information Security Triad CIA Explained
What is the CIA Triad? The information security CIA triad, standing for Confidentiality, Integrity, and Availability, is an information security governance model that organizations strive to attain when drafting their information security programs. The model was originally designed to manage security policies and act as a framework for data security administration. One of its primary focuses is to achieve a stabilized balance between confidentiality, integrity, and the availability of the organization’s data without disrupting its productivity and policy implementation. The three attributes represent critical … [Read More...]
Python SMTP User Enumeration for Penetration Testing
Welcome back my fellow hackers! I was thinking recently, and came to the realization that we haven't really been cooking up any homemade tools here at HackingLoops, so I've decided to change that. Today we're going to be learning about SMTP user enumeration, as well as building an enumeration tool of our very own and taking things further than just using the python smtplib to send emails. First, we'll discuss the SMTP protocol, then we'll follow it with the purposes and potential of this enumeration. Once we've covered that, we'll discuss the methods that we can use to enumerate these users and test smtp. … [Read More...]
Becoming a Cyber Security Analyst – Guide
Who is a Security Analyst? One of the most vital positions in implementing and maintaining security controls around a company’s critical data is the security analyst role. The main responsibility of a security analyst is to keep sensitive digital assets out of reach when it comes to cyber attacks. This can be accomplished by working to protect the company’s technological infrastructure including its computers, servers, applications, terminals...etc. Security analysts thus occupy an inter-departmental role that spans a wide variety of objectives to fix previously identified security flaws within both assets and … [Read More...]
Becoming a Cyber Security Engineer – How-To Guide
Who is a Cyber Security Engineer? The term “engineer” has recently lost its true meaning in the field of information technology and has become generalized to a certain extent. This is mostly due to the vast and recent technological advancements which in turn created an abundance of security positions classified as security engineer. Generally speaking, a cyber security engineer is neither an entry nor a high level position and is pretty much a hands on and technical career. The functions and responsibilities of a security engineer will vary in relation to their background, field, hard skills, and job … [Read More...]
Like Us On Facebook
Become a Member
