Recon Safari #4: Domains Riding the Robinhood Wave
During the past couple of weeks, the popular free financial trading app Robinhood made headlines for halting purchases of certain stocks. This has resulted in a lot of bad publicity for the company. And because threat actors enjoy exploiting trending news topics to their advantage, we decided to look at newly registered Robinhood domains to see how they’re being used.
Finding Coronavirus Malicious Domain Names
The coronavirus outbreak (COVID-19) is arguably one of the most widely publicized events of the century. Information surrounding this pandemic has been incredibly spare, provoking a true “infodemic” through the spread of unhelpful related content like jokes, doubtful home prevention treatments and viral fake videos, along with useful and accurate information.
6 Tips to Harden Your HTTP Headers
Web-based attacks are one of the most common types of cybercrime, and in most cases, the attacked protocol is HTTP, while the component that receives the attacks is the web server.
Top 15 OSINT Web Browser Extensions
OSINT stands for Open Source Intelligence, as explained in our previous article What is OSINT? At that time, we learned about the concept of OSINT, how to make use of it, and its most popular techniques.
Two-Factor Authentication vs. Multi-Factor Authentication: Differences Explained
The number of people who rely on weak passwords such as “Password1234” has long been worrisome, so it’s no surprise that stolen credentials are one of the most common causes of data breaches. Even a more complex password can’t guarantee safety from cyber attacks.
Information Gathering: Concept, Techniques and Tools explained
“Information is power,” as the saying goes. And in most scenarios it’s true: having critical information, at the right time, and especially knowing how to use it, can be a great source of power.
What is CVE? - Common Vulnerabilities and Exposures
In May 2017, WannaCry, a strain of ransomware, spread quickly around the world. It managed to affect National Health Service hospitals in England and three companies in Spain and reached many other countries including Russia, France and Japan.
Top 10 vulnerable websites for penetration testing and ethical hacking training
The infamous cybersecurity skills gap is rising, and more than ever, companies are in need of security professionals to protect their networks and systems. So whether you’re just starting out in cybersecurity or you’re established as an expert, you constantly need to work on practising and sharpening your hacking skills.
Banner Grabbing: Top Tools and Techniques Explained
We shared a few details about banner grabbing in our previous article about cybersecurity fingerprinting. Today, we’ll dig a little bit deeper, to define what it is, explore its different types, and examine some real-world examples showing how you can grab banners from different services on the Internet with both command-line tools and web-based interfaces.
Best Honeypots for Detecting Network Threats
Usually on this blog we write about red-team tools for penetration testing, such as vulnerability scanning tools, port scanning utilities, top ethical hacking Linux distributions, and much more regarding the OSINT world. However, this time we’re switching to the defensive side: let’s talk about honeypots!