RnD

XSSer – Automated Framework Tool to Detect and Exploit XSS vulnerabilities XSS is a very commonly exploited vulnerability type which is  very widely spread and  easily detectable for XSS. An  attacker can inject untrusted snippets of JavaScript into your application without validation. This JavaScript is then executed by the victim who is visiting the target site  [Read More] . Cross Site “Scripter” (aka XSSer) is an automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications. It contains several options to try to bypass certain filters, and various special techniques of code injection. Installation XSSer – XSS XSSer runs on many platforms. It requires Python and the following libraries: - python-pycurl - Python bindings to libcurl - python-xmlbuilder - create xml/(x)html files - Python 2.x - python-beautifulsoup - error-tolerant HTML parser for Python - python-geoip - Python bindings for the GeoIP IP-to-cou...

Live Forensics Analysis with Computer Volatile Memory:- The field of computer Forensics Analysis involves identifying, extracting, documenting, and preserving information that is stored or transmitted  in electronic or magnetic form (that is, digital evidence) Forensics Analysis – Volatile Data: The data that is held in temporary storage in the system’s memory (including random access memory, cache memory, and the onboard memory of system peripherals such as the video card or NIC) is called volatile data because the memory is dependent on electric power to hold its contents. When the system is powered off or if power is disrupted, the data disappears. How to Collect Volatile Data: There are lots of tools to collect volatile memory for live forensics or incident response.In this, we are going to use Belkasoft live ram Capture Tool. After the capture of live data of RANDOM ACCESS MEMORY, we will analyze with Belkasoft Evidence Center Ultimate Tool . Acquisiti...

USB Forensics – Reconstruction of Digital Evidence from USB Drive:-    Digitial Forensics analysis of USB forensics include preservation, collection, Validation, Identification, Analysis, Interpretation, Documentation, and Presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal. Disk Imaging – USB Forensics:- A Disk Image is defined as a computer file that contains the contents and structure of a data storage device such as a hard drive, CD drive, phone, tablet, RAM, or USB . The disk image consists of the actual contents of the data storage device , as well as the information necessary to replicate the structure and content layout of the device. However Wide ranging of well-known tools is used according to the court of law to perform the analysis. Standard tools are solely authorized as per law , Forensics examiners are disallowed to perform Imaging wit...

Binwalk – Analyzing Embedded Files and Executable Code with Firmware Images:-   Binwalk is a device for looking a given binary image for embedded documents and executable code. Specifically, it’s far designed for figuring out files and code embedded inner of firmware images. Binwalk uses the libmagic library, so it is compatible with magic signatures created for the Unix file utility. Binwalk additionally consists of a custom magic signature report which contains progressed signatures for documents which are typically found in firmware photos including compressed/archived files, firmware headers, Linux kernels, bootloaders, filesystems, and so forth. To scan the firmware for embedded file types and systems. root@kali:~# binwalk src_rxfw.07a   To extract known file types from the firmware image -e, –extract root@kali:~# binwalk -e src_rxfw.07a To scan the files Recursively -M, –matryoshka root@kali:~# binwalk -Me src_rxfw.07a ...