WDavid404 / Note_tryhackme


Phishing #8

Open WDavid404 opened 1 year ago

WDavid404 commented 1 year ago

spear-phishing vs phishing

Spear-phishing is a specific and targeted attack on one or a select number of victims, while regular phishing attempts to scam masses of people. In spear-phishing, scammers often use social engineering and spoofed emails to target specific individuals in an organization.

phishing emails

the sender's email address, the subject and the content.

Ideally, the sender's address would be from a domain name that spoofs a significant brand, a known contact, or a coworker. To find what brands or people a victim interacts with, you can employ OSINT (Open Source Intelligence) tactics.

Dropper

The droppers are not usually malicious themselves, so they tend to pass antivirus checks. Once installed, the intended malware is either unpacked or downloaded from a server and installed onto the victim's computer.

WDavid404 commented 1 year ago

Phishing Infrastructure

Automation And Useful Software:


WDavid404 commented 1 year ago

Using GoPhish

WDavid404 commented 1 year ago

Choosing A Phishing Domain

  1. Expired Domains

  2. Typosquatting

    • Misspelling: goggle.com Vs google.com
    • Additional Period: go.ogle.com Vs google.com
    • Switching numbers for letters: g00gle.com Vs google.com
    • Phrasing: googles.com Vs google.com
    • Additional Word: googleresults.com Vs google.com
  3. TLD Alternatives: A TLD (Top Level Domain) is the .com, .net, .co.uk, .org, .gov, etc. part of a domain name; there are hundreds of TLD variants now. A common trick for choosing a domain would be to use the same name but with a different TLD.

  4. IDN Homograph Attack/Script Spoofing: Originally, domain names were made up of Latin characters a-z and 0-9, but in 1998, IDN (internationalized domain name) was implemented to support language-specific scripts or alphabets from other languages such as Arabic, Chinese, Cyrillic, Hebrew and more. An issue that arises from the IDN implementation is that different letters from different languages can actually appear identical.

Using MS Office In Phishing

macros

Using Browser Exploits

When there is a vulnerability against a browser itself (Internet Explorer/Edge, Firefox, Chrome, Safari, etc.), it allows the attacker to run remote commands on the victim's computer.

An example of this is CVE-2021-40444 from September 2021, which is a vulnerability found in Microsoft systems that allowed the execution of code just from visiting a website.

Usually, the victim would receive an email, convincing them to visit a particular website set up by the attacker.
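
Added example, not part of the original notes: a defender-side check that labels a sender or link domain with the look-alike category from the "Choosing A Phishing Domain" list when it is compared against a protected domain. The function names, the small `CONFUSABLES` map and the single-label TLD split are assumptions made for illustration; the sample domains are the ones listed in the notes plus a constructed Cyrillic variant.

```python
# Constructed, partial look-alike map (assumption): a production check would
# use the full Unicode confusables data instead.
CONFUSABLES = {"0": "o", "1": "l", "3": "e", "5": "s", "\u0430": "a",
               "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c"}

def to_unicode(domain):
    """Lower-case the domain and decode punycode (xn--) labels if present."""
    d = domain.strip().lower().rstrip(".")
    try:
        return d.encode("ascii").decode("idna")
    except UnicodeError:
        return d  # already Unicode, or not valid IDNA: compare as-is

def skeleton(name):
    """Map look-alike characters to the Latin letter they imitate."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in name)

def edit_distance(a, b):
    """Levenshtein distance, one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(candidate, legit):
    """Return the look-alike category of candidate vs. legit, or None."""
    cand, real = to_unicode(candidate), to_unicode(legit)
    if cand == real:
        return "exact match"
    c_name, _, c_tld = cand.rpartition(".")  # assumes a single-label TLD
    r_name, _, r_tld = real.rpartition(".")
    if any(ord(ch) > 127 for ch in c_name) and skeleton(c_name) == r_name:
        return "IDN homograph"
    if c_name == r_name:
        return "TLD alternative"
    if c_name.replace(".", "") == r_name:
        return "additional period"
    if skeleton(c_name) == r_name:
        return "numbers for letters"
    if c_name.startswith(r_name) or c_name.endswith(r_name):
        return "phrasing / additional word"
    if edit_distance(c_name, r_name) <= 1:
        return "misspelling"
    return None

if __name__ == "__main__":
    for d in ["goggle.com", "go.ogle.com", "g00gle.com", "googles.com",
              "googleresults.com", "google.net", "g\u043e\u043egle.com"]:
        print(d, "->", classify(d, "google.com"))
```

A mail gateway or proxy log pipeline could run this against a short list of protected brand and partner domains and raise any non-`None`, non-exact result for review.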