\n
\n\t\t\u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05d4\u05e9\u05ea\u05ea\u05e4\u05ea\u05d9 \u05d1\u05e7\u05d5\u05e8\u05e1 CSI \u05d1\u05d2'\u05d5\u05df \u05d1\u05e8\u05d9\u05d9\u05e1. \u05d1\u05e7\u05d5\u05e8\u05e1 \u05d6\u05d4 \u05dc\u05de\u05d3\u05ea\u05d9 (\u05d0\u05d5 \u05e8\u05d9\u05e2\u05e0\u05e0\u05ea\u05d9 \u05d0\u05ea \u05d9\u05d3\u05d9\u05e2\u05d5\u05ea\u05d9) \u05d1\u05d8\u05db\u05e0\u05d9\u05e7\u05d5\u05ea \u05e4\u05e8\u05d9\u05e6\u05d4 \u05e9\u05d5\u05e0\u05d5\u05ea, \u05db\u05dc\u05d9 \u05d4\u05d2\u05e0\u05d4 \u05d5\u05ea\u05e7\u05d9\u05e4\u05d4 \u05e9\u05d5\u05e0\u05d9\u05dd \u05d5\u05db\u05d5'. \u05db\u05e2\u05ea, \u05d1\u05de\u05d4\u05dc\u05da \u05d4\u05e2\u05d1\u05d5\u05d3\u05d4 \u05e2\u05dc \u05e4\u05e8\u05d5\u05d9\u05e7\u05d8 \u05d4\u05d2\u05de\u05e8 \u05e9\u05dc \u05d4\u05e7\u05d5\u05e8\u05e1, \u05e0\u05d9\u05e1\u05d9\u05ea\u05d9 \u05dc\u05e1\u05db\u05dd, \u05dc\u05e4\u05d7\u05d5\u05ea \u05dc\u05e2\u05e6\u05de\u05d9, \u05d0\u05ea \u05e8\u05e9\u05d9\u05de\u05ea \u05d4\u05db\u05dc\u05d9\u05dd \u05e9\u05d0\u05d5\u05ea\u05dd \u05dc\u05de\u05d3\u05e0\u05d5 \u05d1\u05e7\u05d5\u05e8\u05e1 (\u05d5\u05e2\u05d5\u05d3 \u05db\u05de\u05d4 \u05e9\u05dc\u05de\u05d3\u05ea\u05d9 \u05dc\u05d1\u05d3 \u05dc\u05d0\u05d7\u05e8 \u05de\u05db\u05df), \u05dc\u05d4\u05dc\u05df \u05d4\u05e8\u05e9\u05d9\u05de\u05d4 \u05d4\u05de\u05dc\u05d0\u05d4 (\u05d0\u05e0\u05d9 \u05de\u05e7\u05d5\u05d5\u05d4) \u05e9\u05dc \u05db\u05dc \u05d4\u05db\u05dc\u05d9\u05dd \u05d5\u05e2\u05dc \u05db\u05dc \u05d0\u05d7\u05d3 \u05d4\u05e1\u05d1\u05e8 \u05e7\u05e6\u05e8\u05e6\u05e8 \u05d5\u05dc\u05d9\u05e0\u05e7 (\u05d0\u05e0\u05d9 \u05d0\u05e9\u05ea\u05d3\u05dc \u05dc\u05e4\u05e8\u05d8 \u05d5\u05dc\u05e2\u05d3\u05db\u05df \u05d0\u05ea \u05d4\u05e4\u05d5\u05e1\u05d8 \u05d4\u05d6\u05d4 \u05db\u05dc \u05d4\u05d6\u05de\u05df \u05db\u05d3\u05d9 \u05dc\u05e4\u05e8\u05d8 \u05e2\u05dc \u05d4\u05db\u05dc\u05d9\u05dd \u05d4\u05e9\u05d5\u05e0\u05d9\u05dd \u05d5\u05d0\u05d5\u05e4\u05df \u05d6\u05d9\u05d4\u05d5\u05d9 \u05e4\u05e2\u05d9\u05dc\u05d5\u05ea\u05dd \u05d5\u05d3\u05e8\u05db\u05d9 \u05d4\u05d4\u05ea\u05de\u05d5\u05d3\u05d3\u05d5\u05ea \u05d4\u05d8\u05d5\u05d1\u05d5\u05ea \u05e9\u05de\u05e6\u05d0\u05ea\u05d9 \u05e2\u05d1\u05d5\u05e8\u05df)<\/p>\n
Attack:<\/strong><\/u><\/p>\n Scanning: <\/span><\/p>\n – Nmap – <\/span>http:\/\/nmap.org\/<\/a><\/p>\n – DNSRecon (DNS Records enumeration – http:\/\/pentestlab.wordpress.com\/2012\/11\/13\/dns-reconnaissance-dnsrecon\/<\/a>) <\/span><\/p>\n – DirBuster (\u05dc\u05d0 \u05e0\u05dc\u05de\u05d3 \u05d1\u05e7\u05d5\u05e8\u05e1) – <\/span>https:\/\/www.owasp.org\/index.php\/Category:OWASP_DirBuster_Project<\/a><\/p>\n – Responder – Can also be used to start WPAD proxy or to get passwords\/users (https:\/\/github.com\/SpiderLabs\/Responder<\/a>) <\/span><\/p>\n <\/p>\n Code<\/span><\/strong><\/u><\/p>\n – Dot Net Reflector + Reflexi – Dot net reflection and MSIL patching<\/span><\/p>\n – Windows Enabler – Enable all disabled buttons in windows by using its handle<\/span><\/p>\n <\/p>\n Network:<\/u><\/strong> <\/span><\/p>\n – Yersinia (http:\/\/www.yersinia.net\/<\/a>) <\/span><\/p>\n <\/span><\/p>\n Sql Injection <\/span><\/p>\n – sqlmap – <\/span>http:\/\/sqlmap.org\/<\/a><\/p>\n <\/span><\/p>\n ARP related <\/span><\/p>\n – Ettercap <\/span><\/p>\n <\/p>\n Cookie Hijacking<\/span><\/p>\n – firesheep<\/span><\/p>\n <\/span><\/p>\n SSL Cracking <\/span><\/p>\n – sslstrip.py <\/span><\/p>\n <\/span><\/p>\n Web crawling\/proxing\/brute-forcing\/dictionary attacking <\/span><\/p>\n – burp <\/span><\/p>\n – WPAD (By using Responder.py<\/span>)<\/span> <\/span><\/p>\n – arachni (<\/span>http:\/\/www.arachni-scanner.com\/<\/a>)<\/span> <\/span><\/p>\n <\/span><\/p>\n DoS <\/span><\/p>\n – Smurfs attack – ICMP packets with the victim's ip as their spoofed source ip are sent to many computers which in turn will send a reply back to the victim' computer.<\/p>\n – LAND attack – SYN packets with the victim's spoofed ip as their source will cause the victim to reply itself and to lock up.<\/p>\n – pyloris (SlowLoris) <\/span><\/p>\n – SockStress <\/span><\/p>\n – AreYouDeadYet (R U D Y) <\/span><\/p>\n – Rouge DHCP \/ DHCP Spoofing<\/span> <\/span><\/p>\n – <\/span>thc-ssl-dos-1.4 – SSL DoS (<\/span>https:\/\/www.thc.org\/thc-ssl-dos\/<\/a>)<\/span> <\/span><\/p>\n <\/span><\/p>\n XSS<\/span> <\/span><\/p>\n – BEEF<\/span> <\/span><\/p>\n <\/span><\/p>\n Password hacking: <\/span><\/p>\n – Hydra <\/span><\/p>\n – John the ripper <\/span><\/p>\n – Cain & Abel <\/span><\/p>\n – mimikatz <\/span><\/p>\n – pass the hash <\/span><\/p>\n – ntlm relay <\/span><\/p>\n – cewl.rb (Creates passwords list from internet information) <\/span><\/p>\n – cupp.py (Creates passwords list interactively) <\/span><\/p>\n <\/span><\/p>\n Exploit management <\/span><\/p>\n – Metasploit <\/span><\/p>\n – Powersploit <\/span><\/p>\n – Dot Net Sploit (\u05dc\u05d0 \u05e0\u05dc\u05de\u05d3 \u05d1\u05e7\u05d5\u05e8\u05e1) <\/span><\/p>\n – Veil <\/span><\/p>\n <\/span><\/p>\n All-In-One: <\/span><\/p>\n – Metasploit Pro <\/span><\/p>\n – Nexpose <\/span><\/p>\n <\/span><\/p>\n Defense:<\/u><\/strong> <\/span><\/p>\n EMET (Enhanced Mitigation Experience Toolkit) – Microsoft's toolkit for automatically detecting malware activities based on behaviour analysis – http:\/\/support.microsoft.com\/kb\/2458544<\/a><\/p>\n PortKnocking – Technique to allow access from the outside by using a secret port access sequence<\/p>\n <\/p>\n Logs Correlation:<\/p>\n – Splunk {+ Prealert Anomaly Detective App} (<\/span>Collects and correlates logs from many apps (i.e F5, Cisco, VMWare, Security Onion, Windows AD, Riverbed Steelhead etc.) – http:\/\/www.splunk.com\/<\/a>)<\/p>\n <\/p>\n Netflow:<\/p>\n – Argus (http:\/\/qosient.com\/argus\/argusnetflow.shtml<\/a>)<\/p>\n <\/p>\n Firewalling: <\/span><\/p>\n – pfSense <\/span><\/p>\n – iptables + fwbuilder <\/span><\/p>\n <\/span><\/p>\n Kerberos: <\/span><\/p>\n – Shorten the time period in which the ticket is valid <\/span><\/p>\n <\/span><\/p>\n Pass the hash: <\/span><\/p>\n – Enable "Access this computer from the network" policy and block anyone but administrators\/HD users <\/span><\/p>\n <\/span><\/p>\n IPS\/IDS: <\/span><\/p>\n – Snort <\/span><\/p>\n – Ossec <\/span><\/p>\n – Apache ModSecurity <\/span><\/p>\n <\/span><\/p>\n Sniffing <\/span><\/p>\n – Bro (Session [flow] data, Files analysis on the network, etc. – <\/span>https:\/\/www.bro.org\/<\/a>) <\/span><\/p>\n <\/span><\/p>\n Exploits detection <\/span><\/p>\n – Microsoft Enhanced Mitigation Experience Toolkit v3.0 (Heuristics based in-memory protection\/detection) <\/span><\/p>\n <\/span><\/p>\n Application whitelisting <\/span><\/p>\n – Group Policy AppLocker (http:\/\/technet.microsoft.com\/en-us\/library\/dd548340(v=ws.10).aspx<\/a>) <\/span><\/p>\n <\/span><\/p>\n DEP <\/span><\/p>\n – Block requests to execute machine code directly from sections of memory that were designated to contain data <\/span><\/p>\n <\/span><\/p>\n Sandboxing: <\/span><\/p>\n – Sandboxie <\/span><\/p>\n – Coucou<\/span><\/span> <\/span><\/p>\n – Malwr – <\/span><\/span><\/span>https:\/\/malwr.com\/submission\/<\/a><\/p>\n – Virustotal<\/span><\/span><\/span><\/p>\n – Free web based malware analysis – <\/span><\/span><\/span>http:\/\/zeltser.com\/reverse-malware\/automated-malware-analysis.html<\/a><\/p>\n