Learn Cyber Security

Wireshark Tips and Tricks If you were tasked to put together a forensic toolkit with 25 tools or less, chances are Wireshark would be one of those tools--especially if you planned on dealing with packet captures. Because it is free, open source, and cross-platform, Wireshark makes a great packet capture and analysis tool for just about any forensic toolkit. Never the less, this staple tool has been around for so long (think back to the days of Ethereal) that we sometimes take it for granted. In this article we will explore a few tips and tricks that highlight why we like this  tool so much. Obtaining the software This seems easy enough, right? Many Linux distributions come with Wireshark installed as a default package and Windows has an easy point and click install package. But did you know there is a PortableApps release of Wireshark? How about a U3 release as well? The PortableApps and U3 downloads allow you to run Wireshark from a USB stick without the nee...

Post-Exploitation What is Post-Exploitation? Post Exploitation is an important process in any penetration test scenario as it allows the attacker to extract information from the exploited system. Metasploit provides modules for Post Exploitation activities for a variety of systems. In this section, we will examine how we can use Metasploit to perform Post Exploitation. For instance here, suppose that we want to extract all Firefox passwords from the exploited system, Metasploit offers an – easy to use – module for that purpose: “post/multi/gather/firefox_creds” is the right one for this specific task, so let’s use it: For all Post Exploitation modules, you have to specify the SESSION id when you are trying to switch the module on, you can get a list of all current sessions with the following command as we mentioned earlier:     sessions -l This demonstrated a simple Post Exploitation which is performed with MSF modules, it also offers a ...