Skip to main content

Phishery – Domain Credential Theft via Social Engineering

Identifying the employees of the target organization via social media platforms such as Linkedin and sending related attractive mails comes first in the social engineering attacks. By tracking down social media, an adversary may understand most interesting topic about targeted company’s employees. After from that point, adversary may send out a phishing e-mail to the selected employees in order to steal a valid domain credentials. Read More

Data Exfiltration (Tunneling) Attacks against Corporate Network

Data exfiltration, also called data extrusion, is the unauthorized transfer of data from a computer. These type of attacks against corporate network may be manual and carried out by someone with USB or it may be automated and carried out over a network. In this article, we will focus on a network based data exfiltration techniques that must be covered during penetration test. Read More