Apr 2, 2018
Posted in blog, Information Security, Tools, Tutorial
DNSTwist – A Look at Domain Phishing Enumeration
A few weeks ago, I happened to stumble upon a tool called DNSTwist. And, like every tool I ever encounter, I always like investigate more into a tools capabilities and what it can offer. After reading more about the tool through another blog I was reading at that time. I was pointed towards the official Github page for DNSTwist. The tool itself is great and something every company should at least look at on a yearly basis. Phishing attacks are on a rise, and the expectation is that they will continue to increase over time. So, I’ve decided to create a very quick tutorial on how to use DNSTwist, and what it can offer for anyone that wants to make use of it. This is a great tool for Pen Testers and Security Analysts!
What can DNSTwist do for me?
I found using this tool gave me great insight into major phishing attacks that could be conducted against users or companies. Now how is this a good thing? Well, if you know the type of attacks that can take place, or how a certain attack can take place. Then, you are better able to find ways to defend against this type of attack. At the minimum, you can at least detect this specific type of attack. In my experience there are more stats revealing that there is now a rise in phishing attacks against companies and users.
So how does this tool help me? (more…)
Mar 5, 2018
Posted in Information Security, Tutorial, Windows
Bypassing Windows Logon Passwords
Introduction
So I had a friend who had an old laptop sitting around collecting dust at home. He knew I was into computers and asked me if I wanted it. And you know a techie…. when someone throws out free hardware you just can’t complain or say no!!
However, he realized he did not remember his password, and wanted to see what files still were on the machine before he let me have it. He was sure he backed all files up awhile back when he got his new laptop. But, he wanted to be sure, and knowing I am a Security Analyst wondered if I could help him out. So, I went ahead and was able to obtain his password so he could login to delete or save any data he still wanted.
After I completed the task to recover the password, I decided it would make a great blog article to write about.
So here it is…… (more…)
Mar 3, 2018
Posted in blog, Featured, Information Security
Passing The GSEC Exam
So, I’ve officially nailed down another Information Security certificate. And, this time a certificate from the SANS Institute with their GIAC- GSEC certificate. I thought I’d make a post for other people that plan to challenge the exam, and share my own personal experience through it all.
Is it Right For Me ?
The big question would be why are you thinking of obtaining this certificate? Does your work require it? Are you new to the information security field and want a better foothold into the industry? Do you wish to gain more knowledge and/or a higher quality of training? If it’s any of those reasons apply to you, then I would definitely point you towards getting your GSEC certificate.
Preparing For The Exam
So some may ask how they can best prepare for the exam? (more…)
Nov 3, 2017
Posted in blog, Featured, Information Security, portfolio
Finding a Drupal Vulnerability
So, I found my first official Drupal Vulnerability with Drupal Core. You can read more about it officially on Drupal’s website here –> https://www.drupal.org/SA-CORE-2016-001
For those that don’t know much about Drupal it is a Content Management System similar to WordPress and Joomla.
During my time conducting a security assessment and audit on Drupal, I found an issue. This particular vulnerability was found many months back. I had decided to hold off on publishing anything about it so it would give many Drupal users time to mitigate the issue.
What is the Vulnerability?
(more…)
Oct 27, 2017
Posted in blog, Information Security, Malware
Vulnerable JavaScript Illegally Mining User Machines
So a few days ago, I was browsing Cnet.com to view some on-line tools. I noticed an odd alert triggered by my Anti-Virus scanner. My scanner detected it as HKTL_COINMINE with my URL Filtering option enabled on my scanner. I decided to investigate it further to see what this was all about. What I slowly started to uncover was that something was using my machine to mine. This at first didn’t make sense, as no new applications or files were downloaded.
Then, I noticed an increase in CPU, and I have a normal baseline where my CPU levels normally reside at for the most part. After looking into some network connections I realized there was a connection made out to a server in Ukraine. And, that isn’t typical behavior of my network to be connecting to a machine in Ukraine. The realization after some further investigation that it was the CNET JavaScript file that had been compromised externally on another server . And, this led me to my next blog post!
How Do They Exploit JavaScript?
(more…)
My name is Harry Taheem
I am a Cyber Security Engineer.
My aim is to post things I learn or find interesting and allow others to hopefully gain some more insight. I also plan on posting general IT related issues, as I’d like 
