Practical Buffer Overflow with FreeFloat FTP Server

Description: A walkthrough illustrating the methodology of the buffer overflow attack, focusing on the FreeFloat FTP Server. Lab Setup: VirtualBox; a Windows XP machine; favourite pentest distro; favourite code editor. Software and Tools: download or install Immunity Debugger and the FreeFloat FTP Server onto the Windows XP machine; download the mona.py file to Windows XP; Metasploit and SPIKE tools are needed on the pentest box (here, I won’t be using a SPIKE script but would manually exploit the application)...

July 5, 2023

Splunk Enterprise with remote Hosts

Description: This is a sample project to set up a Splunk SIEM lab and forward alerts and events from remote hosts to the Splunk server for monitoring and analysis. Prerequisites: VirtualBox; Ubuntu Server ISO for hosting our Splunk server; Windows machine (here using Windows 7); Splunk Enterprise Edition and Splunk forwarder (we can get a 14 day trial version from Splunk to use the enterprise edition). Setup: Create 2 VMs in VirtualBox with Bridged network adapter and enabling Promiscuous mode...

July 2, 2023

2FA Steal

Description: Just a simple demonstration, inspired by John Hammond's video, of bypassing 2FA SMS authentication. You can watch the video here. Languages and Utilities Used: Linux, Python, Java. Environments Used: Windows 10, Kali. Procedure: Took the HTML code from the browser's "view page source". Added the JSON payload inside the code payload that we use in the HTML pages; bear in mind to change the input type based on the web pages <script src ="https://cdnjs....

April 15, 2023

File Integrity Monitor

Description: Integrity in the CIA triad means the correctness of a file. If data gets changed or edited, an alert needs to be triggered so that an analyst or others can check the integrity. This project is to create a FIM (File Integrity Monitor) PowerShell script (below). A FIM monitors some important files and is designed to provide an alert once one gets modified. # change the file path D:\Desktop\FIM\baseline....

January 4, 2023

SIEM With Azure Sentinel

Description: This is a project on mapping failed login attempts (or brute-force attempts) on a Windows machine that is open to the internet. We either turn the firewall off or allow ICMP requests. After catching the logs, we run a PowerShell script inside the machine and, using Workspace Analytics, Log Analytics, Cloud Defender and Azure Sentinel, we pull these logs out and map them onto a world map to see how many attempts have been generated from all around the world...

January 2, 2023

Vulnerability management using Nessus

Description: Using Nessus Essentials vulnerability management, we scan a Windows 10 VM for vulnerabilities that are present and try to remediate them. Tools Used: Nessus Essentials; deployed Windows 10 VM in VirtualBox. Procedure: Set up a VM in VirtualBox with Windows 10 and bridged adapter settings. Test connectivity using the PING command from the host machine to the VM (might need to allow SMTP in firewall or disable firewall)...

January 1, 2023