- [Malware] How Antivirus Software Works: 4 Detection Techniques
  Antivirus tools use four main detection techniques: signature-based (static fingerprints of known malware), heuristics-based (suspicious characteristics without exact matches), behavioral (observing...
- [Malware] Capabilities and Limitations of Enterprise Antimalware Suites
  Modern enterprise antimalware suites include traditional AV, spyware and rootkit protection, host firewalls, browser security, email filtering, cloud-based analysis, and centralized management....
- [Assessments] Looking for Infected Systems as Part of a Security Assessment
  Security assessments often produce predictable results—missing patches—so consider adding malware detection tasks. Techniques include identifying unmanaged systems, analyzing autorun entries for...
- [Incident Response] 9 Reasons for Denial-of-Service (DoS) Attacks: Why Do They Happen?
  DoS attacks happen for many reasons: extortion demands, turf wars between criminal groups, anticompetitive sabotage, punishment for refusing demands, political criticism, training grounds for future...
- [Tools] Using ICMP Reverse Shell to Remotely Control a Host
  ICMP can create covert command-and-control channels that cross many firewalls since organizations often allow ping traffic. The icmpsh tool demonstrates this—a Windows victim issues ICMP echo-request...
- [Malware] NetworkMiner for Analyzing Network Streams and Pcap Files
  NetworkMiner is a free Windows tool for network forensics that displays hosts, HTTP parameters, clear-text content, and credentials from live or captured traffic. It automatically carves files from...