What’s a macro? It’s a small program that runs within a bigger program to automate a task (usually a complex or time-consuming task) on a user’s behalf. Macros are written in a programming language designed to work within their broader environment. So, for example, macros for Microsoft Office are currently written in Visual Basic for [...]
The dark web is a part of the internet (or a small part of the deep web) that isn't indexed by search engines. The dark web contains a large amount of illegal and criminal content (from various aspects). Online marketplaces for drugs, exchanges for stolen data, and other illegal activities get most of the attention. [...]
The IT Infrastructure Library (ITIL) is a library of volumes describing a framework of best practices for delivering IT services. ITIL’s systematic approach to IT service management can help businesses manage risk, strengthen customer relations, establish cost-effective practices, and build a stable IT environment that allows for growth, scale and change. In fact, ITIL describes [...]
Rapid7 Nexpose is a vulnerability scanner which aims to support the entire vulnerability management lifecycle, including discovery, detection, verification, risk classification, impact analysis, reporting and mitigation. RAPID7 plays a very important and effective role in the penetration testing, and most pentesters use RAPID7. This paragraph is abbreviated from www.rapid7.com The following figure shows some of [...]
A kind of penetration testing aid is the Metasploit Project. This open-source framework allows testing via command line alterations or GUI. The Metasploit Framework is a Ruby-based, modular penetration testing platform that enables a pentester (hacker) to writes, tests, and executes exploit code. In other words, the Metasploit framework is a very powerful tool which can [...]
Zero-day is a flaw in software, hardware or firmware that it has the potential to be exploited by cybercriminals. In other words, zero-day is a vulnerability in a system or device that has been disclosed but is not yet patched. A zero day exploit is a cyber-attack that occurs on the same day a weakness [...]
A penetration test (pen test or pentest and or ethical hacking) is a simulated cyber-attack against a computer system to check for exploitable vulnerabilities. You should not be confused it with a vulnerability assessment. Source: en.wikipedia.org In fact, this test simulates a real-world attack to determine how any defenses will fare and the possible magnitude [...]
In this post, we'll take a look at ManageEngine ADAudit to help you understand the different aspects of this network product. You can use ManageEngine ADAudit to ensure critical resources in the network like the Domain Controllers are audited, monitored and reported with the entire information on AD objects (like Users, Groups, GPOs, Computers, OUs, etc.). [...]
Wireshark is a network packet analyzer. This software one of the best packet analyzers available today and is available for free, and it is open source. This software, formerly known as Ethereal but the project was renamed Wireshark in May 2006 due to trademark issues. Sources: wireshark.org and en.wikipedia.org Wireshark is cross-platform and it runs [...]