Creating a Sock Puppet: Developing a Persona

A sock puppet is a fake account which can be used to hide the true identity of the owner for operational security reasons (used by both attackers and security researchers). Developing a convincing persona is key to the success of your sock puppet. Your goal is to create a very…

Creating a Sock Puppet

A sock puppet is a fake account which can be used to hide the true identity of the owner for operational security reasons (used by both attackers and security researchers). They can either be used for passive recon, active engagement, or honeypots. Passive recon sock puppets are often used by…

Traceroute and Ping

Ping and traceroute are common commands used for trouble shooting network problems. Ping is a simple command that can test the reachability of a device on the network. Traceroute is a command used to 'trace' the route that a packet takes when traveling to its destination. It's useful for tracing…

Building a Botnet

A botnet is a collection of internet connected devices (anything from PCs to IoT devices) which are infected by the same malware. A hacker uses the malware the botnet is infected with to control it and launch botnet attacks. The attacks are more effective when launched using hundreds, or thousands,…

Protecting Against DDoS Attacks

Distributed Denial of Service (DDoS) attacks aim to take an organization or service offline and originate from multiple, distributed hosts. The difficult part of defending against DDoS attacks is that the hosts are distributed – if it were a single host or small group, you could easily block the traffic with…

Cross Site Scripting (XSS)

Cross Site Scripting is the second most prevalent issue in the Open Source Foundation for Application Security (OWASP) top 10 – it's found in roughly 2/3 of all applications. While automated tools can find some of these problems, there are also automated tools designed to detect and exploit these vulnerabilities.…

Block and Stream Ciphers

Cryptography is the science of using codes and ciphers to protect messages. And encryption involves encoding messages so that only the intended recipient can understand the meaning of the message. It's often used to protect data in transit. Encryption is a two way function – that is, you need to be…

Cross Site Request Forgery (CSRF or XSRF)

CSRF occurs when a malicious site or program causes a user's browser to perform an unwanted action on a trusted site when the user is authenticated. Any malicious action is limited to the capability of the website to which the user is authenticated. For example, Jane might login to her…