Archive | Security

16 September 2018 ~ 0 Comments

DNS mapiranje

Zašto? Mapiranje DNS zapisa jedan je od početnih koraka u penetracijskom testiranju. DNS mapiranje otkriva potencijalne usluge i IP adrese koje organizacija koristi. PowerShell rješenje koje bi zadovoljavalo moje kriterije nisam pronašao pa sam kreirao svoje. Što radi? U prvom koraku pokušati će pronaći najbrži javni DNS server (Google, CloudFlare, Quad9) koji će se koristiti […]

Continue Reading

Tags: ,

05 September 2018 ~ 0 Comments

Koje lozinke vole Hrvati

Zašto? Ako ste ikada koristili razne password liste vrlo vjerojatno niste imali puno uspjeha u radu kako gotovo i ne postoji password lista koja je pogodna za hrvatsko govorno područje. Password liste za hrvatsko govorno područje svode se više/manje na rječnike hrvatskog jezika. Rezultat je da statistike korištenja lozinki nisu u potpunosti relevantne za hrvatsko […]

Continue Reading

Tags: ,

30 August 2012 ~ 0 Comments

Study of Implementing Available Security Controls of Wireless Computer Networks

This article will present an analysis of security levels of wireless home networks based on IEEE 802.11 standard. The analysis of security implementation will be done on the basis of activated security checks available to end users in order to protect their own wireless system to the full. The analysis will encompass average users as regards to their knowledge of network communication systems and implemented security checks. The end result, i.e. a realistic picture of the way end users think about wireless computer network security, which in turn will have an impact on science and society in general, will enhance the awareness of possible ways wireless networks can be abused.

Continue Reading

Tags: , ,

23 December 2011 ~ 0 Comments

Analiza phishing email poruke “Obavijest za povrat”

Analiza phishing email poruke “Obavijest za povrat”

Posljednjih dana kruži e-mail poruka koja obaviještava čitatelja da je porezna uprava utvrdila da će čitatelju poruke isplatiti 857,88 kuna te se od čitatelja traži da otvori priloženi dokument “Povrat Obrazac.htm” koji je potrebno ispuniti. Kao pošiljatelj se navodi “Porezna upravat ([email protected])”

Continue Reading

11 November 2011 ~ 0 Comments

My Google Reader RSS subscriptions

I love RSS. I love Google Reader. I love my RSS collection!
I’ve been collecting this for some time now. This collection is not just a bunch of links but it’s a collection of carefully selected RSS channels. It contains almost 300 hundred RSS channels for web desing, UX and security. Most of the RSS channels are security related which include forensic analysis, exploits, malware analysis and PEN testinging.
Feel free to download this OPML and use it as you like it :)

Continue Reading

13 July 2011 ~ 0 Comments

The Framework of e-Forensics in the Republic of Croatia

The Framework of e-Forensics in the Republic of Croatia

With the development of information communication systems and the services they provide, the complexity of the organization of information within information systems is growing. The complexity itself contributes to the increase in the number of electronic incidents and affects the high demands of forensic procedure implementation. It is estimated that in the near future the number of electronic incidents will outgrow the number of classical criminal incidents both financially and quantitatively. Due to the things mentioned above, early identification, discovering and taking legal proceedings against the perpetrator of an electronic incident are necessary. It is necessary to investigate all electronic incidents adequately and promptly and adapt the legal framework and laws related to e-Forensics. e-Forensics is a relatively new discipline within which there is a low level of standardization and consistency. With the purpose of increasing the quality of performing e-Forensics and presenting the evidence in a possible judicial proceeding one has to define the legal framework of e-Forensics. The analysis of current legal standards and methods used to perform e-Forensics is presented in the paper as well as the proposal of performing e-Forensics with defined procedures and methods.

Continue Reading

30 January 2010 ~ 1 Comment

Hacking websites: The Series

Hacking websites: The Series

This is the beginning of the “Hacking websites” series which will try to explain why sites are hacked, how they are hacked and how to protect your website(s) from being hacked and broken. Motivated with rather discouraging results form Breach and WhiteHat security statistics reports I decided to start these series which will, hopefully, educate readers enough to protect their websites from top 10 vulnerability classes.

Continue Reading

Tags: ,

05 January 2010 ~ 0 Comments

Classification of Information System Hacking Tools

Classification of Information System Hacking Tools

In a process of hacking information system the attacker will be using one or more hacking tools to accomplish his objective. The hacking tools can be divided into two main categories: procedural classification and functional classification. Procedural classification describes which tools are use during seven steps of hacking attacker is going through. Functional classification is describing the main four categories based on the tools functionalities.

Continue Reading

12 December 2009 ~ 1 Comment

Hacking Information Systems: Tools of the trade

Hacking Information Systems: Tools of the trade

For every step of the hacking process one or more tools could be required for the attacker to complete his objective. Although there are thousand of hacking tools variations all of them can be categorized to 14 basic categories.

Although, when talking about “tools” many will think about software solutions. But in a broader sense, hackers toolkit is much more than just software and it can be anything from piece of paper and a pen to human activities for collection of sensitive information and the penetration into the target system.

Continue Reading

05 December 2009 ~ 2 Comments

Hacking Information Systems: The Seven Steps

Hacking Information Systems: The Seven Steps

Hacking an information system which can be a computer network, server or a web site collection can be, and it is, very complex procedure and different procedure for every information system. But in it’s essence follows the basic seven steps of hacking into some kind of information system. From basic scouting to full takeover these seven steps […]

Continue Reading