The February issue of the Hakin9 Exploiting Software magazine is out!
Included in this issue is an article I wrote on the Social Engineering Toolkit (SET):
Using the Social Engineering Toolkit to Test Network Security
Hackers using Social Engineering attacks are getting much better at their craft, and people are making it very easy for them. A Social Engineer will use information gathered about a person, place or business in specially crafted attacks that play on people’s thoughts, beliefs or emotions.
Social engineers are Hackers that focus in on using personal information mixed with human reactions, emotions or fear to trick you into opening an infected file or visiting a malicious website. Social engineering attacks are one of the top techniques used against networks today.
Why spend days, weeks or even months trying to penetrate layers of network security when you can just trick a user into running a file that allows you full access to their machine and bypasses most anti-viruses, firewalls and many intrusion detection systems?
Daniel will explain some of the techniques used by attackers and he will show you how they could get full control of your computer and most importantly, how to stop them.
Also in this issue is:
- Beyond Automated Tools and Frameworks: the shellcode injection process
- Tabnapping Attack: Hijacking Browser Tabs
- The Power Of Exploitation Tools
- Hardening of Java Applications against AOP exploits
- Enterprise Vulnerability Management
I really enjoyed Craig Wright’s article, “Beyond Automated Tools and Frameworks: the shellcode injection process“. This is a series of articles that delves into creating your own shellcodes and exploits.
Hakin9 Exploiting Software February 2012 – Check it out!