NetHunter Article Featured in Hakin9 Magazine

The latest Hakin9 Magazine is out! This issue is all about Android security and features my article on using Kali NetHunter and Responder together for getting quick user credentials.

Front Cover

In my article I explain how you could recover network credentials from a Windows network using the Android based Kali NetHunter and Responder (an LLMNR, NBT-NS & MDNS poisoner). I also show how you can “pass the hash” with credentials obtained and gain remote shell access to an unsecured or improperly secured Windows Server.

Other Articles in this Issue Include:

Mobile Penetration Testing Tutorial

by Olivia Orr

The objective of this tutorial is to learn the most common vulnerabilities in mobile applications using an app intentionally designed to be insecure. This tutorial will be based on the Windows platform, but you can use other systems if you wish.


Quick Android Review Kit (QARK) – A comrade for Android security analysis

by Vinayak Joshi and Venkatesh Sivakumar (Pranav Venkat)

QARK stands for Quick Android Review Kit. A quirky companion to get the hidden potential vulnerabilities of any Android applications. It is an open community tool designed to assist mobile application security pentesters to leverage its capabilities to reverse engineer mobile applications and conduct static analysis on the hidden vulnerabilities that can potentially create critical breaches. This article will explain how to use it.


Peeping Inside Android Applications: Reverse Engineering with Androguard

by Ajit Kumar

Reverse engineering is one of the ways to find out what’s inside of any Android applications; it also helps developers to learn, test and debug their and applications as well as applications written by others. Reverse engineering is a complex and cumbersome task, so tools like Androguard make this task automated and hence ease the job of reverse engineers. This tutorial provides a brief introduction of Androguard, explains various tools available inside Androguard and provides some examples of basic reverse engineering with Androguard.

And much more, check it out!

Hakin9 Magazine Features “Pulling Passwords from Memory Dump” Article

Hakin9 is well known in the security circles and is just a great magazine. It is known as “A magazine for IT security professionals by IT security professionals”. It covers some of the latest information on attack and defense tactics that are out there.

For those of you who are not familiar with Hakin9, the Worldwide IT Security magazine started in 2005 and is released 4 times a month:

  • Hakin9 (release date:1stof each month) – 50 pages of content dedicated to IT security, few regular columns written by specialists
  • Hakin9 Mobile (release date: 7th of each month) – 40 pages of content devoted to hacking and security of mobile devices and applications
  • Hakin9 Extra (release date: 15thof each month) – 50 pages of strictly topical content dedicated each time to different hot security topic
  • Exploiting Software (release date: 22nd of each month) – 40 pages of content dedicated to latest software exploits and security

This months Exploiting Software magazine has some interesting articles including:

Starting to Write Your Own Linux Schellcode
Buffer Overflow Exploitation A to Z
Anatomy of the Black Hole Exploit Kit
Hacking Applets: A Reverse Engineering Approach
The Gentoo Hardened Project: Or How to Minimize Exploits Risks

And, forgive me for some shameless self promotion, How to Recover Passwords from a Memory Dump.

How to Recover Passwords from a Memory Dump

Malware analysis is an amazing field. To be able to grab a memory dump from a live machine and then have the capabilities to pull useful information from it just amazes the author. Can we find pertinent system settings, and even pull information from them? Were you ever curious about what could be done with a memory dump of an active computer? This article is a short demonstration on how to acquire a memory dump from a running system, and then how to use tools to not only recover the system password hashes from the memory dump, but also how to decode them.

The Hakin9 article I wrote is based on the memory forensics topics & hash cracking posts that have been covered recently here on CyberArms. I am pretty excited about it, and hope you like it too.

Check it out!