Hybrid Kill Chain & Attack Methodology

December 3, 2017May 12, 2024 / Miguel Bigueur / Leave a comment

Report by Miguel Bigueur & Les Davis

Figure 1. Anatomy of a URL and Web Server Architecture.

The intent to manipulate URL inputs is a method of infiltration utilized by criminals as a means of legitimacy. The goal here is to masquerade as legitimate traffic in an effort to penetrate firewalls uninhibited, while bypassing all pre-established defense mechanisms. Once this is achieved, an attacker is afforded the opportunity to escalate privileges with an opportunity to engage in lateral movements.

A few tools that can be used to help discover vulnerabilities in web and mail servers include: Continue reading →

Defending Against Password Attacks

January 1, 2016January 5, 2016 / Miguel Bigueur / Leave a comment

Let’s face it; MAC filtering is not an effective way to combat brute force attacks against pre-shared keys. On my Access Point (AP) at home, in other words my home router, I use MAC filtering not as a security mechanism but rather as a way to assign a private IPs to a specific device’s MAC address using a method called “IP Reservation” with DHCP. This basically ensures the IP is reserved and ready for use on that particular device the next time it connects to the network. With that said, defeating MAC filtering in regards to cracking pre-shared keys is very doable. MACs can be masqueraded “spoofed” very easily, such as, capturing an end-user’s MAC address using a passive network scanner. Continue reading →