vulnerabilities

topics of the tutorials

What is Social Engineering?

Social engineering is the art of manipulating users of a computing system into revealing confidential information that can be used to gain unauthorized access to a computer system. The term can also include activities such as exploiting human kindness, greed, and curiosity to gain access to restricted access buildings or getting the users to installing backdoor software.

Knowing the tricks used by hackers to trick users into releasing vital login information among others is fundamental in protecting computer systems

In this tutorial, we will introduce you to the common social engineering techniques and how you can come up with security measures to counter them.

How social engineering Works?

HERE,

Gather Information: This is the first stage, the learns as much as he can about the intended victim. The information is gathered from company websites, other publications and sometimes by talking to the users of the target system.
Plan Attack: The attackers outline how he/she intends to execute the attack
Acquire Tools: These include computer programs that an attacker will use when launching the attack.
Attack: Exploit the weaknesses in the target system.
Use acquired knowledge: Information gathered during the social engineering tactics such as pet names, birthdates of the organization founders, etc. is used in attacks such as password guessing.

Common Social Engineering Techniques:

Social engineering techniques can take many forms. The following is the list of the commonly used techniques.

Familiarity Exploit: Users are less suspicious of people they are familiar with. An attacker can familiarize him/herself with the users of the target system prior to the social engineering attack. The attacker may interact with users during meals, when users are smoking he may join, on social events, etc. This makes the attacker familiar to the users. Let’s suppose that the user works in a building that requires an access code or card to gain access; the attacker may follow the users as they enter such places. The users are most like to hold the door open for the attacker to go in as they are familiar with them. The attacker can also ask for answers to questions such as where you met your spouse, the name of your high school math teacher, etc. The users are most likely to reveal answers as they trust the familiar face. This information could be used to hack email accounts and other accounts that ask similar questions if one forgets their password.
Intimidating Circumstances: People tend to avoid people who intimidate others around them. Using this technique, the attacker may pretend to have a heated argument on the phone or with an accomplice in the scheme. The attacker may then ask users for information which would be used to compromise the security of the users’ system. The users are most likely give the correct answers just to avoid having a confrontation with the attacker. This technique can also be used to avoid been checked at a security check point.
Phishing: This technique uses trickery and deceit to obtain private data from users. The social engineer may try to impersonate a genuine website such as Yahoo and then ask the unsuspecting user to confirm their account name and password. This technique could also be used to get credit card information or any other valuable personal data.
Tailgating: This technique involves following users behind as they enter restricted areas. As a human courtesy, the user is most likely to let the social engineer inside the restricted area.
Exploiting human curiosity: Using this technique, the social engineer may deliberately drop a virus infected flash disk in an area where the users can easily pick it up. The user will most likely plug the flash disk into the computer. The flash disk may auto run the virus, or the user may be tempted to open a file with a name such as Employees Revaluation Report 2013.docx which may actually be an infected file.
Exploiting human greed: Using this technique, the social engineer may lure the user with promises of making a lot of money online by filling in a form and confirm their details using credit card details, etc.

Social Engineering Counter Measures

Most techniques employed by social engineers involve manipulating human biases. To counter such techniques, an organization can;

To counter the familiarity exploit, the users must be trained to not substitute familiarity with security measures. Even the people that they are familiar with must prove that they have the authorization to access certain areas and information.
To counter intimidating circumstances attacks, users must be trained to identify social engineering techniques that fish for sensitive information and politely say no.
To counter phishing techniques, most sites such as Yahoo use secure connections to encrypt data and prove that they are who they claim to be. Checking the URL may help you spot fake sites. Avoid responding to emails that request you to provide personal information.
To counter tailgating attacks, users must be trained not to let others use their security clearance to gain access to restricted areas. Each user must use their own access clearance.
To counter human curiosity, it’s better to submit picked up flash disks to system administrators who should scan them for viruses or other infection preferably on an isolated machine.
To counter techniques that exploit human greed, employees must be trained on the dangers of falling for such scams.

< prev

next >

topics of the tutorials

What is hacking?

Potential Security Threats

Skills for Ethical Hacker

Cryptography

What is Social Engineering?

How to Crack a Password

Worm, Virus & Trojan Horse

ARP Poisoning

Wireshark Tutorial

How to Hack WiFi

DoS (Denial of Service) Attack

BEST DDoS Attack Tools

How to Hack a Web Server

SQL Injection Tutorial

How to Hack a Website

Hacking Linux OS

CISSP Certification Guide

What is Digital Forensics?

What is Cybercrime?

Web Security Vulnerabilities

30 Bug Bounty Programs

Best Penetration Testing (Pen Testing) Tools

Kali Linux Tutorial

13 BEST Operating System for Hacking

11 Best Wireshark Alternatives

13 BEST Vulnerability for Websites, Network

Best 16 No-Log VPN

17 Best IP & Network Scanning Tools

11 Best FREE Firewall Software

16 BEST Ethical Hacking Books

Following is a handpicked list of Top Vulnerability Scanning Tools , with its popular features and website links. The list contains both open source(free) and commercial(paid) software.

1) Indusface

Indusface WAS provides comprehensive dynamic application security testing tool (DAST). It combines automated scanning to detect OWASP Top 10 vulnerabilities and malware along with Manual Pen-Testing done by Cert-In certified security experts.

Features:

New age scanner built for single page applications
Authentication scans
Malware Scans & Blacklisting checks
Network vulnerability scans
Integrated Dashboard
Proof of evidence for reported vulnerabilities through proof of concepts.
Optional AppTrana WAF integration to provide instant virtual patching with Zero False positive
24×7 support to discuss remediation guidelines/POC

2) Nessus Professional

Nessus professional is a vulnerability assessment tool for checking compliance, search sensitive data, scan IPs, and website. The tool is designed to make vulnerability assessment simple, easy, and intuitive.

Features:

It has advanced detection technology for more protection.
The tool offers complete vulnerability scanning with unlimited assessments.
It provides accurate visibility into your computer network.
Plugins which deliver timely protection benefits from new threats.
It allows you to migrate to Tenable solutions safely.
This tool deteccts SQL injection attack.

Link: https://www.tenable.com/products/nessus/nessus-professional

3) BeyondTrust

Beyond Trust is a free online vulnerability scanner that finds configuration issues, network vulnerabilities, and missing patches across applications, devices, virtual environments, and operating systems.

Features:

This tool has a user-friendly interface for streamlined vulnerability assessment, management, and content.
It provides patch management.
Improve risk management and prioritization.
The tool provides support for VMware that includes virtual image scanning.
It allows you to integrate with vCenter and scan virtual application for security.

Link: https://www.beyondtrust.com/tools/vulnerability-scanner

4) Intruder

Intruder is a cloud base network vulnerability scanner for your external infrastructure. This tool finds security weaknesses in your computer systems, to avoid data breaches.

Features:

You can synchronize your external IPs and DNS hostnames.
It is a developer-friendly software which can be integrated with Slack or Jira so that team can know security issues.
The tool has Network View that helps you to keep track of your exposed ports and services.
You can receive email and Slack notifications when scans complete, and summary PDF reports emailed on a monthly basis.
Intruder.io has more than 10,000 security checks for each vulnerability scan.

Link: https://www.intruder.io/

5) Tripwire IP360

Tripwire IP360 protects the integrity of mission-critical systems spanning, virtual, physical DevOps, and cloud environments. It delivers critical security controls, including secure configuration management, vulnerability management, log management, and asset discovery.

Features:

Modular architecture that scales to your deployments and needs.
The tool has on prioritized risk scoring features.
It helps you to maximize your organization productivity via integrations with various tools you already use.
Accurately identify, search, and profile all assets on your network.

Link: https://www.tripwire.com/products/tripwire-ip360/

6) Wireshark

Wireshark is a tool which keeps watch on network packets and displays them in a human-readable format. The information that is retrieved via this tool can be viewed through a GUI or the TTY mode TShark Utility.

Features:

Live capture and offline analysis
Rich VoIP analysis
Compressed Gzip files can be decompressed on the fly
Output can be exported to plain text, XML, or CSV
Multi-platform: Runs on Windows, Linux, FreeBSD, NetBSD, and many others
Live data can be read from PPP/HDLC, internet, ATM, Blue-tooth, Token Ring, USB, and more.
Decryption support for many protocols that include IPsec, ISAKMP, SSL/TLS, WEP, and WPA/WPA2
For quick, intuitive analysis, coloring rules can be applied to the packet
Read or write many different capture file formats like Cisco Secure IDS iplog, Pcap NG, and Microsoft Network Monitor, etc.

Link: https://www.wireshark.org/

7) Paessler

Paessler security vulnerability assessment tool has an advanced infrastructure management capability. The tool monitors IT infrastructure using technologies like SNMP, WMI, Sniffing, REST APIS, SQL, and others.

Features:

You can monitor jFlow, sFlow, IP SLA, Firewall, IP, LAN, Wi-Fi, Jitter, and IPFIX.
It provides alerts via email, plays alarm audio files, or triggering HTTP requests.
The tool provides Multiple user web interfaces.
It has automated failover handling.
You can visualize your network using maps.
Paessler allows you to monitor networks in various location.
You can get the numbers, statistics, and graphs for the data you are going to monitor or configuration.

Link: https://www.paessler.com/network-security-monitoring

8) OpenVAS

OpenVAS is a vulnerability scanner that helps you to perform authenticated testing, unauthenticated testing, vulnerability testing, security testing, industrial protocols, and various high level and the low-level Internet and industrial protocols.

Features:

You can perform vulnerability tests with a long history and daily updates.
Includes more than 50,000 vulnerability tests.
It provides performance tuning and internal programming code to implement any type of vulnerability test you want to perform.

Link: http://www.openvas.org/

9) Aircrack

Aircrack is one of the handy tools required to check vulnerability and to make your Wi-Fi network secure. This tool is powered by WEP WPA and WPA 2 encryption Keys which solve vulnerable wireless connections problems.

Features:

More cards/drivers supported
Provide support to all types of OS and platforms
New WEP attack: PTW
Support for WEP dictionary attack
Protect you from Fragmentation attack
Improved tracking speed

Link: https://www.aircrack-ng.org/

10) Comodo HackerProof

Comodo HackerProof revolutionizes the way you test your website and app security. It includes PCI Scanning and site inspector for website scanning.

Features:

The tool is built with the latest technology that invites more interaction, building trust for any web site.
Comodo allows the user to present credentials on your website.
This software product provides more website credibility without changing the layout of web pages.
100+ people are associated with Comodo brand.
Not vulnerable to popup blockers
It uses rollover functionality to tell visitors that the website is trusted.
Software interrupts your website visitors to take any actions and steal your valuable business.

Link: https://www.comodo.com/hackerproof/

11) Microsoft Baseline Security Analyzer (MBSA)

Microsoft Baseline Security Analyzer (MBSA) provides a streamlined procedure to find common security misconfigurations and missing security updates.

Features:

MBSA scan for update rollups, missing security updates, and service packs available from Microsoft Update.
The download is available for various languages like English, German, Japanese, and French.
This tool includes a command-line interface and graphical user interface that performs a local or remote scan of Microsoft Windows Systems.
Scans agent computer system and inform about missing security patches.
Places the required MBSA binaries on all MOM agents.

Link: https://www.microsoft.com/en-us/download/search.aspx?q=MBSA

12) Nikto

Nikto analysis web servers for 6700+ potentially dangerous programs. This tool checks for server configuration items such as HTTP server options, the presence of multiple index files, and will attempt to identify installed web servers and software.

Features:

Full HTTP proxy support
The tool automatically finds outdated server components.
Save reports in HTML, plain text, CSV, XML, or NBE.
It has a template engine for easy report customization.
Scan multiple servers or multiple ports on a server.
Host authentication with Basic, and NTLM.
Authorization guessing handles any directory.

Link: https://cirt.net/Nikto2

13) Solarwinds Configuration Manager

Solarwinds Configuration Manager is a software which is used to handle configs through policy management, backup, and automation. This tool reduces the time needed to manage critical changes and repetitive tasks across complex, multi-vendor networks.

Features:

You can locate the current configuration and instantly apply it to a replacement spare, or to roll back a blown configuration.
Protect your Cisco devices from malware.
It provides effective troubleshooting and network management to your Palo Alto Networks firewall.
The tool detects faults, identify, and corrects a range of configuration errors.
You can know devices connected to the network, their hardware, and software configurations.
Control who can view device details and make configuration changes and determine when network changes can occur.

Link: https://www.solarwinds.com/network-configuration-manager

14) Nexpose Community

Nexpose is a useful vulnerability management software. With this tool, you can monitor exposure in real time and adapts to new threats with fresh data.

Features:

Get a real-time view of risk.
It brings innovative and progressive solutions that help the user to get their jobs done.
Know where to focus.
Bring more to your security program
Provide IT with necessary details they have to fix any issues.

Link: https://www.rapid7.com/products/nexpose/

FAQ

⚡ What is Vulnerability?

A vulnerability is cyber security term which describes the weakness in the system security design, process, implementation, or any internal control that may result in the violation of the system’s security policy. In other words, the chance for intruders (hackers) to get unauthorized access.

🔐 What is Vulnerability Assessment?

Vulnerability assessment is a software testing type performed to evaluate the security risks in the software system in order to reduce the probability of a threat.

✔️ What is the importance of is vulnerability assessment in the company?

Vulnerability Assessment and Penetration Testing (VAPT) helps you to detect security exposures before attackers find them.
You can create an inventory of network device, including system information and purpose.
It defines risk level which exists on the network.
Establish a benefit curve and optimize security investments.

< prev

next >

Tag: vulnerabilities

13 BEST Vulnerability Assessment Scanners for Websites, Network

topics of the tutorials

1) Indusface

2) Nessus Professional

3) BeyondTrust

4) Intruder

5) Tripwire IP360

6) Wireshark

7) Paessler

8) OpenVAS

9) Aircrack

10) Comodo HackerProof

11) Microsoft Baseline Security Analyzer (MBSA)

12) Nikto

13) Solarwinds Configuration Manager

14) Nexpose Community

FAQ