We’re a lot to face intrusion attemps in our IS. There can be many interests for attackers, for example data theft, using your computing power … Most of the Hackers takes precaution while performing illegal activities and always try to hide themselves from being caught. Once the system is compromised …
Read More »Hash Cracking with AWS EC2 P3 & Hashcat
Password cracking is a mandatory activity when you perform a pentest. Having access to a GPU cracking machine would be nice from time to time however and the GPU systems that Amazon EC2 supports offers a decent compromise. In this howto, I’ll share with you a script that let you install …
Read More »Create a custom cracking Wordlist
To perform a good pentest, nothing better than a custom wordlist to crack passwords. We may be able to generate a custom wordlist that reflects our knowledge of the target or the organization’s password policy (For example : 10chars min, Special chars …) Information Gathering To build a good wordlist, …
Read More »Windows 10 & 8.1 : Zero Day sur le partage SMB, provoquant DoS & BSOD.
Une nouvelle faille Zero Day affecte les derniers systèmes d’exploitation Microsoft (Windows 8.1 et Windows 10) et semblerait affecter également les dernières version Windows Server (2012 et 2016). Cette faille a été rendue publique il y a 5 jours, lorsqu’un certain “@PythonResponder” a publié le Proof of Concept (PoC) de …
Read More »Hacking WPA : Menace du WPS et contre-mesure.
Le Wi-Fi Protected Setup (WPS) est un protocole qui a pour but de simplifier l’accès à un routeur Wi-Fi pour l’utilisateur final, qui a souvent du mal, qu’on se le dise, à entrer sa clé WPA pour s’authentifier.
Read More »