Something went wrong. Please try your request again later.
Follow to get new release updates and improved recommendations
About Jithin alex
Customers Also Bought Items By
Are you an author?
Help us improve our Author Pages by updating your bibliography and submitting a new or current image and biography.
Author Updates
-
-
Blog postInformation Technology Service Management (ITSM) Processes.
1) Service Request Management
Focuses on requests and responses for the IT help-desk items. The processes should be established and uniform. To reduce the workload on agents, organization may consider implementing self service options or chat-bots.
2) Service Catalogs
Generally Service Catalogs is a central location/webpage with all the details for contacting the help-desk. It may also contain the self -
Blog postWhen you do malware analysis of documents or office files, it is important to have Microsoft Office installed in your Lab machine. I am using flare VM and it doesn't comes with MS Office. Since Microsoft is promoting Microsoft 365 over the offline version, finding the offline installer is not that easy.
Here is the list of genuine Microsoft links to download the office .img files.
Download Microsoft Office 2019 Professional Plus : https://officecdn.microsoft.com/db/492350F -
Blog postWindows comes preinstalled with a lot of bloatware, telemetry and unnecessary services enabled. This results in higher resource utilization and less privacy. This post introduces some free open tools that helps to enhance privacy on windows by disabling unnecessary services and bloatware.
1) Privatezilla
Privatezilla integrates the most critical Windows 10 privacy settings and allows you to quickly perform a privacy check against these settings. Active settings are marked with th -
Blog postConsolidated list of selected top 10 Infosec Learning resources and platforms.
Red Teaming 1) Beginner? Want to learn ethical hacking basics.
The best stepping stone is Practical Ethical Hacking course by TCM on freeCodeCamp's YT. FreeCodeCamp has other free courses related to programming, ethical hacking etc on their YouTube channel. Learn for free.
Link : https://www.youtube.com/watch?v=3Kq1MIfTWCE
2) Try Hack Me (THM)
Learn and practice your cybersecurit -
Blog postRecently i encountered a very annoying problem. One of my Windows VM running on Virtualbox. This windows host keep shutting down on regular intervals. Initially i couldn't able to identify whether it is random or happening on fixed time intervals. I went through the settings, change active hours, change advanced startup options and went through the scheduled tasks suspecting something is triggering the reboot. Well, that didn't fix the issue. Then i went through the event viewer, and under Wi
-
Blog postNote : This is the continuation to my previous post on VirtualAlloc function, click here to refer.
RtlMoveMemory function copies the contents of the payload to the destination memory block/buffer.
The syntax of the function is,
VOID RtlMoveMemory(
_Out_ VOID UNALIGNED *Destination,
_In_ const VOID UNALIGNED *Source,
_In_ SIZE_T &nb -
Blog postWhile creating a malware, in-order to run they payload in the memory of the process, we need to create a memory buffer for the payload. For this purpose, we need to make use of the VirtualAlloc function.
As per the windows documentation, a VirtualAlloc function reserves, commits or changes the state of a region of pages in the virtual address space of the calling process.
Lets dig deep on this function and its parameters,
The syntax for the function usage is,
LPVOID Vi -
Blog postOften times, we might need to save some of the images in a word document or from a power point presentation. Most of us copy and save the images one by one. There is an easier way to extract all the images from the office file at once. Watch the video or follow the steps mentioned below.
1) Rename the file extension to .zip
2) Open or extract the Zip file.
3) Access the word/ppt directory
4) Open media folder and there you can see all the images embedded in the document. -
Blog postMetadata is the data about the data. Every files has some metadata and it describe what the file is (minus the content). For example, an image file, its metadata might contain information such as when the image is created, by whom, when is it modified, who can access etc, but it wont be able to tell what is in that image.
There are different types of metadata. Lets go through the main types.
1) System Metadata
This metadata is created and used by the Opera -
Blog postWhile performing a digital forensics investigation, you might need to collect various artifacts, information and images from the target machine. Most of the times, we make use of the automated tools to retrieve the information that we require. Read DFIR KAPE : Evidence Collection Tool
However, it is important to know to collect the data manually as well. This process of collecting the required information and image , also known as Evidence acquisition is one of the most important tasks -
Blog post"Global Privacy Control (GPC) is a proposed specification designed to allow Internet users to notify businesses of their privacy preferences, such as whether or not they want their personal information to be sold or shared. It consists of a setting or extension in the user’s browser or mobile device and acts as a mechanism that websites can use to indicate they support the specification." -- Source : https://globalprivacycontrol.org/
GPC is inbuilt with Brave and DuckDuckGo b -
Blog postGlad to announce the second edition of my book, Being a Firewall Engineer : An Operational Approach: A Comprehensive guide on firewall operations and best practices is now live on Amazon.
The firewall technologies and the landscape is rapidly changing and therefore i needed to make multiple changes from the first edition.This is not a configuration guide and is suitable for beginners and junior engineers. The following topics are briefly covered in the second edition of this book.
Va -
Blog posteLearnSecurity (ELS) offers a lot of great certifications in the field of Cybersecurity. Last year, ELS was acquired by INE. In my opinion, after the acquisition, there are a lot of gaps. First of all, many the links in the training materials are broken. Also information regarding the certification or the training materials are limited on the internet. Though INE has a community forum, getting a clear cut answer or solution is based on your luck. I haven't seen a lot of activity on their comm
-
Blog postIf you are reading this, you might probably encountered the following error while performing the sample analysis in Cuckoo,
Error starting Virtual Machine / VBoxManage error.
This error happens when there is some communication issue between the guest and host or with the VM snapshot.
The network configuration of the guest VM should be set as "Host only network" and verify the connectivity between the host and Guest by pinging each other. If that is f -
Blog postThis post is an introduction on Kroll Artifact Parser and Extractor (KAPE) and how it can be used to collect evidences.
When a malware is executed, it usually leaves some evidences about its execution. These are important details used for investigation and forensics. KAPE is an evidence acquisition tool and can be used to acquire all the evidence of execution from the victim's system.
The KAPE directory has two main folders. Modules and Targets.
KAPE Modules. -
Blog postRecently i have attended the Cloud security boot-camp from Penetester Academy and has cleared the certification exam (PACSP). This is a simple review about the boot-camp and the certification exam.
The boot-camp consists of 5 x 3 hour live interactive sessions. The instructor Jeswin Mathai knows his domain and has delivered the concepts pretty clear. The live sessions are via Zoom meeting and the participants can interact live through the discord channel. No questions unanswered. The -
Blog postMost of the attacks targeting AWS are based on exploiting the extensive permissions attached to the roles/accounts. This can be considered as a mis-configuration because the administrator was not following the principle of least privilege while creating roles and permissions.
Assume a scenario, Where there is a user in AWS who has the permission to attach user policy. The same user can elevate the privilege because it has the access to attach policies in to it. The user can even gain a -
Blog postPentesterAcademy Vulnerable Servers II Lab Write-Up | metasploit-pivoting
Lab Link : https://attackdefense.pentesteracademy.com/challengedetails?cid=1747
Vulnerable Servers II is a lab from PentesterAcademy, which is rated as easy. The lab topology shows two machines which means, there are two targets and the attacker has to perform pivoting in order to hack and get the flag from the target machine.
First Select the nearest Server and Click on Run the lab -
Blog postAre you interested in learning cybersecurity and having the big question "Where to start?". Well, few months ago, i also had the same question in my mind. Do i need to learn programming languages first, or web applications or networking ??? That's where i want to talk about the popular learning platform Tryhackme. TryHackMe is an online platform that helps people to learn cybersecurity, especially penetration testing by doing hands-on labs.
There are multiple learning p -
Blog postI am not an exploit developer but was interested to see how this vulnerability can be exploited. So i tried to replicate the infamous PrintNightmare vulnerability using the following PoCs (https://github.com/cube0x0/CVE-2021-1675) and (https://github.com/rapid7/metasploit-framework/pull/15385)
However i had trouble with the new metasploit module (auxiliary/admin/dcerpc/cve_2021_1675_printnightmare) and i couldn't able to exploit the machine successfully.
So i tried the second PoC f -
Blog postThis month, i have done two certification exams. Certified Ethical Hacker (CEH) Practical and eLearn Security Junior Penetration Tester (eJPT). These were not actually in my plan however when i received the free vouchers, i thought of giving the exams. So in this post, i am going to give a detailed comparison between the two certification exams.
Certified Ethical Hacker (CEH) Practical
I went for the CEH practical exam with an aversion, but i found it not bad. Mostl -
Blog postI was trying to use the snmpenum.pl in my lab and encountered this error.
Can't locate Net/SNMP.pm in @INC (you may need to install the Net::SNMP module)
I searched over the internet for the fix , but couldn't able to find something direct. However, going through some of the stackoverflow pages, i fixed it and is explained below. 1) First install the required packages related to snmp utilities.
sudo apt-get install libsnmp-perl 2) Install the SNMP module for perl.perl - -
Blog postPivoting is a technique used during Pentesting. The attacker gain access on one of the remote machine in the target network segment and use that machine to move around another network.
Pivoting is useful in a scenario where you don't have direct access to a remote network. For example, the attacker can access the DMZ server but not the Internal Server segment. But DMZ server can communicate with Internal Server Segment. In such scenario, firstly the attacker gain access to the DMZ server a -
Blog postThe Internet Explorer 11 desktop application will be retired and go out of support on June 15, 2022. Organizations with websites optimized for Internet Explorer may consider configuring IE mode in Microsoft Edge.
If you are configuring IE mode for an enterprise, you may refer the step by step guide from Microsoft.
To configure IE mode on your windows machine, follow the below steps.
1) Open Microsoft Edge browser
2) Go to Settings
3) Click on Default Browser -
Blog postWhen a packet is sent to an open UDP port, default behavior should be no response, Simply because UDP is a connection-less protocol. When this happens, Nmap or port scanning scripts refers to the port as being open|filtered. It could be open or behind the firewall. However, if it gets a UDP response which is very unusual in UDP, then the port is marked as open.
Then how Nmap or other port scanning scripts confirms whether there is an open UDP port exists??? For this, one should k
Titles By Jithin alex
Palo Alto Cortex XSOAR: A Practical Guide
Mar 16, 2021
by
Jithin Alex
$9.99
Other Formats:
Paperback
Incident Handling and Response: A Holistic Approach for an efficient Security Incident Management.
May 26, 2020
by
Jithin Alex
$5.99
Other Formats:
Paperback
