Are You Sinking DNS?

Summary: Over the past month I have been incrementally experimenting with C2 and file transfer to a rogue authoritative DNS server. DNSlivery does the job of downloading a stager to grab the larger dnscat2.exe file, but we found that McAfee readily detected the dnscat2 executable and MS Defender did not detect the malicious tool. In this writeup I will walk you through setup and operation of DNSlivery, then how to use this tool to stealthily download a simple staging script to download the larger dnscat2.exe executable.

DNSlivery: To get started, understand the requirements: You need a domain name that you control … Continue reading Are You Sinking DNS?

Application Security – Another Look At JVM

1) Two-year-old child in the front seat without any restraint (still very common here)
2) Stops in the middle of the intersection and looks both ways
3) Attempts to insert a 1,000 yen bill into the parking garage ticket dispenser when entering
4) Brags about driving once per week for ten years without incident
5) Double parks right across the street from a fellow double-parking crony
6) Pulls the car wide into opposite lane to make a turn
7) Car is spotless after four successive days of rain and snow

Doesn’t want to take hay fever medicine on a Thursday for the upcoming Sunday … Continue reading Application Security – Another Look At JVM