Credential Harvesting on paranoid browsers

Credential harvesting is one of the most common methods used in social engineering attacks when phishing. A sample can be viewed here. Some things about the cloner in social engineering toolkit: It doesn’t download assets i.e. images, css, javascript files The page cloned needs to be always reachable I will be testing this on chrome[…]

Surviving an SSH Audit

It’s often seen from most scanners a number of issues being raised in regard to SSH security. They are mostly around : Use of weak arcfour ciphers SSH Weak ciphers SSH weak Mac algorithms SSH insecure key exchange etc. as an example we will cover how to harden a weak understanding of the defaults and[…]