Qradar LOg sources video part -1


 

Comments

Post a Comment

Popular posts from this blog

How to bypass a 2FA with a HTTP header

Image
  Hi everyone and welcome back on this new write-up. Today, I would like to talk about a vulnerability I found on some programs that allowed me to bypass their 2FA protections. On a side note, due to the fact that the programs are private, all the informations about the websites will be redacted. That’s said, let’s start ! Introduction: As many hunters, when I start my research on a new bug bounty program, I use the application as a lambda user. This allow me to understand how the applications work and notice which features can be interesting to test. I noticed that the applications had a 2FA feature, I enabled it and I started to play with it. For those who are not familiar with the concept of 2FA (Two-factor authentication), this can be defined by: Two-factor authentication  ( 2FA ) is a way to add additional security to your account. The first “factor” is your usual password that is standard for any account. The second “factor” is a verification code retrieved from an app o...
Read more

What is a Dictionary Attack? How the Attack works and How to Prevent the Dictionary Attack

Image
  A Dictionary attack is one of the ways through which the attackers try to gain access to the keys of the reign. Bad actors take advantage of people using common dictionary words as their passwords. A study has proved how the majority of people like to reuse their passwords or use common phrases that are relatively easy to remember.  Databases used in dictionary attack does not only include the common dictionary words, but also the passwords leaked in previous attacks. Dictionary Attack Using Burp Suite Tool: BurpSuite is indeed a great tool for testing vulnerability in web applications. We are here using its free-version which has limited capabilities but works well for learning! Lets began the process to brute force/dictionary attack.  So, we’ll be using VM setup, with Kali and Bee-Box as a Web Server which is the victim. The process for setting up the Burp Suite and proxy in the browser is explained here. Make sure you have set up your proxy to your localhost. STEP1:...
Read more

What is DLP?DLP Investigation process & How it benefits organization

Image
                                         DLP TOOL SOP INVESGATION   1. Introduction Force point DLP  is the solution, enables organizations to encrypt information and block risky data flows properly in order to monitor and control the flow of data over their networks and to meet administrative compliance. The data visibility and controls managed by DLP network security enable policy based Protections to guarantee that delicate information is only being transmitted to or accessed by approved by beneficiaries. Which help to prevent the organization sensitive data lost, misused, or accessed by unauthorized users through endpoints (USB drive, Endpoint Printing, Endpoint HTTP/HTTPS, etc.) and through SMTP (Network DLP email monitoring) channel . 2. Purpose and Scope of this document This document broadly outlines Company ’s present Information Security and data protection m...
Read more