Home » Author Archives: TheInnocent

Author Archives: TheInnocent

Cyber Threat Intelligence: Hunting Cyber Criminals

Cyber Security differs from CTI (Cyber Threat Intelligence). While the first deals with the technical aspects of protecting informatic systems and web applications, the second regards the intelligence applied to information, taking form in different ways like OSINT (Open Source Intelligence), HUMINT (Human Intelligence) and SOCMINT (Social Media Intelligence). The first important thing to understand what “cyber threat intelligence” means, ... Read More »

DDoS Attack Explained

DDoS means Distributed Denial of Service and it occurs when an attacker overwhelms a target, that is generally a server, with a load of traffic that the target cannot manage. DDoS is a special kind of DoS, Denial of Service attack, and it is important to notice the difference between them. A Dos, in fact, involves a single machine trying ... Read More »

Malware Analysis Tools Explained

When it comes to malware infections, you can never get comfortable with your own system and paranoia is your best friend, as we can observe in the second episode of the third season of Mr Robot, when Elliot uses rkhunter to control if a malware has been installed on his computer. In this article we’ll see that is possible to ... Read More »

Risks Of The Double Spending Attack

You may not know that Bitcoin is not the first digital coin project in history. Before it, other ideas were developed in order to create a digital currency but they all failed due to a very serious security issue that developers were not able to solve. Just to use simple words, when you spend your banknotes, you have to physically ... Read More »

The Art Of Google Hacking

When it comes to Google, everyone feels confident in knowing what we’re talking about. Google is that nice site that allows us to search whatever we want on the web. More technically, it’s a search engine, something that knows our preferences, our tastes and even (sometimes) our secrets. Google is easy, isn’t it? It appears as a blank page with ... Read More »

How Hackers Avoid Honeypots

  Honeypots are networks, servers or web applications purposely built to appear vulnerable, thus showing obsolete operating systems and software, open services and ports, in order to attract malign visitors and induce them to try exploiting the system. While in a preceding tutorial I explained how to build your own honeypot, here I will explain how hackers try to avoid ... Read More »

How To Setup Your Own Pentest Lab

Are you an aspiring penetration tester, or a wannabe hacker? You started from the basics, querying google with a few simple words: hacking, hacker, how to be a hacker…then you found a lot of stupid tutorials that taught you how to hack your neighbour’s wpa with a network adapter called alfa awus036h (but didn’t work, did it ?) and finally ... Read More »

How To Setup Your Own Honeypot?

A honeypot is a system designed to appear vulnerable to attackers. The goal of a honeypot is to log all the attackers’ activities to study their behaviour, log their Ips, track their location, collect zero-days. The idea of “honeypot” is nothing but a server that offers any kind of services to the attacker, from SSH to telnet, showing several well ... Read More »

Malicious Websites Explained

Surfing the web you will have heard about the existence of malicious websites. Virustotal is a well known website that helps you to discover which site is malicious and which is not before actually requesting the suspected URL in your browser. But what does it mean that a website is classified as “malicious”? What actions do these sites perform and ... Read More »

Phishing: Tactics And Tools Explained

Phishing (password harvesting fishing) is one of the most effective technique that hackers use to steal your credentials. Phishing is a mix of social engineering and computer skills that consists of pretending to be a reputable organization asking you to do a certain security procedure; this procedure involves changing your password or revealing your bank credentials. The innocent user is ... Read More »

HOW HACKERS HIDE MALICIOUS SITES

  Since 2006, security researchers have been watching a new technique used in cybercrime to hide malicious traffic behind an intricate network of proxies. This technique called fast-flux, was initially used by few people but lead to thousands of personal computers infected and criminal content like phishing sites and malwares successfully delivered to innocent users. Fast-flux networks are today the ... Read More »

(Some Of) The Best Ways To Store Your Passwords

  Storing a password has always been a problem that involved other problems. Today everyone has a digital life made by different accounts for each activity, from online banking to email, from different forums to social networks, so it’s crucial to find a way to remember all the credentials, possibly avoiding password stealing. If you search on the web you’ll ... Read More »

Tor anonymizers.jpg

ROUTING ALL TRAFFIC THROUGH TOR: PRO AND CONS

Every reader of DeepDotWeb knows the importance of surfing the web protected by the Tor network and therefore uses a Tor Browser Bundle. The TBB not only helps us connecting through the Tor network while surfing the internet allowing us to visit onion sites and hiding our ip, but it also uses many security built-in plugins to increase our anonymity ... Read More »

VOIP (IN)SECURITY: ALTERNATIVES TO SKYPE AND WHATSAPP

  Skype was released on August 29, 2003 and was quite a revolution. With Skype the voice and video information was packetized and transmitted over internet protocol networks; people could call for free, using only an internet connection. Skype was then acquired by Microsoft that started to work with NSA in the PRISM surveillance program in order to access private ... Read More »

THE PENETRATION TESTER’S CAREER

FROM SCRIPT KIDDIE TO PENTESTER: TAKE YOUR PASSION TO THE NEXT LEVEL When you think of what a hacker is, you think of a talented individual capable of entering inside a protected system (a computer, a network and so on), using his great skills to overcome all the difficulties he has to face. The word “hack” has nonetheless a broader ... Read More »