The Chromensics tool is developed to read all information from chrome browser directory and present it to user, in easy readable tabular format which can be explored in descent interface without running the chrome browser. The tool will also allow you retrieve information from other chrome installation brought from different machine for analyzing. The acquired artifacts can be exported in PDF report to present it in court of law or to superiors.
An interesting approach to a Man-in-the-Middle Attack against a Password Reset System
The PRMitM attack exploits the similarity of the registration and password reset processes to launch a man in the middle (MitM) attack at the application level. The attacker initiates a password reset process with a website and forwards every challenge to the victim who either wishes to register in the attacking site or to access a particular resource on it.
Source: The Password Reset MitM Attack
Common Sense Graphite is a site by teachers, for teachers that helps you find the best educational technology resources and learn the best practices for implementing them in your classroom. Brought to you by Common Sense Media: Empowering kids to thrive in a world of media and technology.
Use Shodan to discover which of your devices are connected to the Internet, where they are located and who is using them.
Listed below are some popular search shortcuts/search keywords to help with narrowing your search results:
|port||Any Numeric Value||Specific Ports||port:554|
|ssl||Organization Value||SSL Certificates for Organizatio||ssl:edellroot
|ssl.version||SSL Version Value||SSL Version||ssl.version:sslv2 -ssl.version:sslv3,tlsv1,tlsv1.1,tlsv1.2|
|net||IP Range||IP Range||net:188.8.131.52/24, net:184.108.40.206/16|
|Example Search Query||Used For|
|port:9100 product:”LaserJet”||Finding HP LaserJet printers on the network|
|ssl:edellroot||Finding devices with SSL certificates issued by eDellRoot|
|net:220.127.116.11/16 ssl.version:sslv2||Find hosts supporting SSLv2 in the 18.104.22.168/16 subnet|
Varonis has published a list of introductory web security videos at Web Security Fundamentals.