Social Engineering is the act of manipulating people and getting confidential information which is not accessible in normal circumstances. It is technique used as part of Active Footprinting where an attacker tries to gather information about a target initially before further moving in other phases of Cyber Kill Chain of an attack. Social Engineering relies…
Category: Credential Access
Phishing
Phishing is an act where an attacker impersonates as a legitimate person or entity and deceives a target to get sensitive information by sending emails, texts, SMS or having voice calls. The following are different techniques used in phishing attack.
Sniffing
Sniffing is the act of monitoring and capturing the network traffic. An attacker sniffs the network traffic by inserting a software or hardware into the network between the sender and receiver. Sniffing is also referred as Network Sniffing which is a type of Eavesdropping. Types of Sniffing Passive Sniffing is where the attacker passively listens…
Kerberos Attack
Kerberos is a strong authentication protocol that can be used in an open unprotected network. Despite it’s strength, there are some attacks that can be done against Kerberos which are as follows: Kerberoasting is post-exploitation attack technique. In this attack, the attacker has a compromised authenticated user’s account in a domain and targets Service Accounts…