- Malware Capabilities and Limitations of Enterprise Antimalware Suites
Modern enterprise antimalware suites include traditional AV, spyware and rootkit protection, host firewalls, browser security, email filtering, cloud-based analysis, and centralized management....
- Tools Using ICMP Reverse Shell to Remotely Control a Host
ICMP can create covert command-and-control channels that cross many firewalls since organizations often allow ping traffic. The icmpsh tool demonstrates this—a Windows victim issues ICMP echo-request...
- Incident Response Network DDoS Incident Response Cheat Sheet
DDoS response requires preparation before attacks occur: establish ISP contacts, create allowlists of critical source IPs, lower DNS TTLs, and document infrastructure. During attacks, analyze traffic...
- Malware NetworkMiner for Analyzing Network Streams and Pcap Files
NetworkMiner is a free Windows tool for network forensics that displays hosts, HTTP parameters, clear-text content, and credentials from live or captured traffic. It automatically carves files from...
- Tools Design Information Security With Failure in Mind
Security controls will eventually fail despite best intentions—design architecture to detect suspicious activities early and limit incident scope when breaches occur. Like boats engineered to stay...
- Tools Common Failures of Information Security Tools (Part 1)
Security tools have side effects like medicine. Network firewalls cause connectivity issues; WAFs block legitimate traffic after site updates and are difficult to troubleshoot; antivirus tools may...