
security

A collection of 15 posts

Private dns

Android P: Private DNS

Android Pie, or P, offers the ability to use the DNS-over-TLS capable DNS servers of your choice. This also solves the problem of having to install third party applications to change the phone's

  • hakam
1 min read
attacks

Root DNS Servers Experienced DDoS Attack with 5 Million Queries per Second

A report from Root [DNS] Server Operations or rootops published on December 4th, 2015 stated that the Internet Domain Name System’s root name servers received a high rate of DNS queries over

  • hakam
2 min read
bind

Bind DNS Server major flaw could let a script kiddie bring down large number of DNS servers

BIND is the most widely used DNS server to date. A major flaw was found in BIND versions 9.1.0 to 9.8.x, 9.9.0 to 9.9.7-P1,

  • hakam
1 min read
anonymity

Internet Anonymity Pros and Cons

Anonymity over the Internet has largely helped journalists escape the clinching firewalls and surveillance of their governments. In fact, the Freedom of the Press Foundation recommends the use of The Onion Router (TOR) to better protect

  • hakam
2 min read
dns

Automate DNS Zone Transfer

/bin/bash #Simple zone transfer bash script with $1 being first argument given #Tested against zonetransfer.me #for example ./zonetransfer.sh zonetransfer.me if [ -z "$1" ];then echo "[] Simple Zone

  • hakam
1 min read
blogs

Google's No Captcha reCaptcha Breakable?

Egor Homakov of Sakurity claims, I’d say proved, that Google’s No Captcha reCaptcha might not be as bot-proof as we thought. Due to reCAPTCHA’s reliance on the user’s previous

  • hakam
1 min read
nmap

Scanning North Korean Public IP space

via http://nknetobserver.github.io/ Some noteworthy points: - The allocated North Korean network range is 175.45.176.0/22 - 210.52.109.0 – 210.52.109.255 block is assigned

  • hakam
2 min read
grep

Quick Nmap ping sweep and output to grep-able format

Start with laying out what range of IP addresses you want to scan. I’d suggest keeping it limited to your specific targets. Then run this as root: nmap -sn -v -oG nmapped.

  • hakam
1 min read
hacking

PingSweep with Scapy

Want to get a bit geekier with your ping sweeps? Python Scapy can be used to create, modify, send, and intercept network packets at any TCP/IP layer. Here is a simple ping

  • hakam
1 min read
certification

My journey towards OSCP

I’ve started studying for the Offensive Security Certified Professional (OSCP) certification, also called Penetration Testing with Kali (PWK). This certification claims to give you a good grip on penetration testing which includes network and

  • hakam
1 min read
google

SSL3 Vulnerability code-named 'Poodle'

SSL version 3 is still being supported across all platforms. That is, even though this encryption mechanism for the web is 15 years old, almost as old as Windows XP. Google researchers revealed

  • hakam
1 min read
hacking

Information Leakage

Contents 1) Introduction. 2) Information Leakage. 3) Types of Information Leakage. a) Intentional Leaks. i) Internal Agents. ii) External Agents. b) Accidental Leaks. 4) Exploitation Channels.

  • hakam
11 min read
hacking

HTTPS Security Encryption Flaws Found

Mathew J. Schwartz | March 19, 2013 10:09 AM http://www.informationweek.com Security researchers have discovered weaknesses that could be exploited to crack some types of encrypted Web communications. The flaw exists

  • hakam
3 min read
rdp

Securing Remote Desktop Connection

Recently I’ve gotten tired of using logmein. Their servers are getting slow and finishing my daily tasks is getting difficult. So what am I gonna do? Remote Desktop. Well of course, I

  • hakam
3 min read
attacks

Nokia Performing Man-in-the-Middle Attacks

From Bruce Schneier’s Cryptogram: Man-in-the-Middle Attacks Against Browser Encryption Last week, a story broke about how Nokia mounts man-in-the-middle attacks against secure browser sessions. “The Finnish phone giant has since admitted that

  • hakam
1 min read
© 2019