Hi Medium! Here we are again with a new article, I was asked by a friend in my last article about Enumeration to provide a breakout on the SMTP technique.

In this article, we will go through different tools and techniques that should be known to retrieve information about your target.

+ SMTP technique :

In this part I will provide some different techniques of SMTP Enumeration, first I want to give some details about the important commands that we will need to know.

SMTP provides 3 built-in-commands:
— VRFY: means validates users.
— EXPN: Tells the actual delivery addresses of aliases and mailing…

Proxy types and how it works

Hello Medium!! I always missed understanding the way proxies are used, however, the definition is so simple but people still miss understand how they are used and each time they made me unsure of the knowledge I have. So once and for all we will go together through all the proxy types and we will understand how they are used. And if anyone judges your knowledge send him that article.

At first, I thought that proxies are difficult to understand and I didn’t even imagine that I will handle them one day and to be honest after my research I…

Hi Medium! Here we are again with a new article, today we will share a small tutorial where we will implement the OSSIM solution, so we will talk about :

Introduction
2.1 Work environment
2.1.1 Hardware environment
2.1.2 Software environment
2.2 Implementation and test
Conclusion

Introduction

In this chapter, we present the realization part of our platform. We begin by presenting the work environment and the tools used. The last part of this chapter will be devoted to testing the proper functioning of our solution and its hosting.

2.1 Work environment

The work environment consists of two parts named hardware…

SOC technology and Best Practice

Hi Medium! Here we are again with a new article, today we will talk about SOC technology and Best Practice. We are going to discover :

+ What is SOC?
+ Why is SOC Important?
+ SOC Management
+ Best Practice
+ Conclusion

1- What is SOC?

SOC (Security Operation Center), is a division within a security cell, which ensure the security of the organization, at technical and organizational levels. …

TLS Overview

Hi Medium! Here we are again with a new article, today we will talk about TLS Overview as follow:

1. Confidentiality
2. Integrity
3. Availability
4. Defence in Depth
5. Symmetric encryption
6. Asymmetric encryption
7. Cryptographic Hash function
8. Man In The Middle (MITM)
9. Transport Layer Security
10. Banking Malware That Uses TLS

Introduction

Security is very critical for enterprises and organizations of all sizes and in all industries. Information security is a set of processes, tools, policies, and implemented systems against internal and external attacks that can damage or stop the services offered by an organization. …

Enumeration

Hi Medium! This is the Enumeration part.
In this chapter we are going to discover the following topics:

• Introduction
• Why Enumeration?
• Enumeration techniques
• Enumeration Tools on Linux and Windows
• Summary

Introduction

The most important phase before attacking a target is “Reconnaissance”.The more effort the attacker put in during this phase the more likely he guarantee the attack success. Before the weaponization phase (gaining access) there are 4 phases in reconnaissance:

1. Footprinting
2. Scanning
3. Enumeration
4. Vulnerability assessment.

During the enumeration phase, the attacker creates an active connection with the target and tries to gain information about it, these pieces of information will help…

Rsyslog configuring with TLS (send log file)

Hi Medium! Here we are again with a new article, today we will share a small tutorial where we will talk about all the steps that we need to configure Rsyslog and to create certificates:

1. Rsyslog
2. TLS
3. Software needed
4. Configuration
Summary
Read more

1. Rsyslog

Rsyslog is an Open Source software work on Unix, Rsyslog helps to send messages over IP network, it’s based on Syslog protocol, and can help to filter traffic and flexible configuration.

2. TLS

Transport Layer Security is a cryptographic protocol that provides a secure connection over a computer network, “ Several versions of the protocols…

Use Threat Intelligence and Python Scripts In Malware Detection

[4min Reading]

Hi Medium! Here we are again with a new article, today we will talk about advanced threat detection using threat intelligence and well-dedicated scripts using python as follow:

1. Threat Intelligence definition
2. Blacklisted IP
3. Blacklisted Domain
4. Blacklisted Certificate

1. Threat Intelligence definition

Intelligence, as defined by Edward Waltz, is “the information and knowledge about an adversary obtained through observation, investigation, analysis, or understanding, is the product that provides battlespace awareness”.

Intelligence is the collecting and processing of information about a competitive entity and its agents, needed by an organization or group for its security and well-being. (from Bimfort’s definition)

Intelligence is defined by…