Below are a few sites which can help you identify if the site or email in question is a phish/fake....
Useful Sites To Help Identify A Phish
DoH – DNS over HTTPS
Seeing the little padlock next to the URL is starting become the norm when surfing the internet. Site owners are starting to make the effort to implement better security controls in order to secure their site. Even malicious parties are bothering to do......
Should We Give Users Local Admin Rights?
A common debate in cyber security is "can a user have admin rights to their machine?" Personally, I've always been on the side of no but recently been I've been torn. Hence why I'm now brain dumping on my blog.....
Finding Access Anywhere Servers Using Certificates
Remote users are a part of every organization and the need to provide external access can be a real problem. For the bigger organizations, they will most likely implement several security controls in order to isolate their users from the rest of the internet. For some, they may want to go for the cheaper option to provide remote access......
Google Calendar – “Free iPhone Phish”
If suddenly you find that Google Calendar is telling you to pick up that iPhone 11 you've won, don't worry, you've not been hacked. Most likely what has happened is that a Phishermen has sent multiple calendar invites to you knowing that they can abuse Google Calendars default event settings.......
SMB Relay Attack
SMB is commonly used for sharing files, printers and communication often between client to server. Before a client can communicate with the server or another client though, they will be required to authenticate themselves. This is simple access control.....
Deepfake Technology
Deepfake is an AI based technology that basically manipulates video content so that it presents something that didn’t happen......
WinRM_Brute_Scanner Guide
I wrote this script to be able to scan for this service on a Windows system. Because this uses PowerShell commands, no AV should interfere, and no additional modules are required. Once obtained, remote commands can be sent.
Hacking Windows Remote Management (WinRM)
“Windows Remote Management (WinRM) is the Microsoft implementation of WS-Management Protocol, a standard Simple Object Access Protocol (SOAP)-based, firewall-friendly protocol that allows hardware and operating systems, from different vendors, to interoperate....
Meterpreter Basics
Meterpreter is a very powerful payload that can be dropped using an exploit in Metasploit. Once obtained, there is quite a lot that you can do. This is what I’m going to cover below. To find out more about Meterpreter, click the link below. This site also has examples on how to use the modules........
