Posts

Understanding AiTM Attacks: How Cybercriminals Hijack Your Online Sessions (And How to Stop Them)

Introduction Imagine this: You receive an urgent email claiming your account has been locked. You click the link, log in, and even enter your two-factor authentication (2FA) code. Everything seems fine—until days later, you discover your account has been hacked. What just happened? You’ve fallen victim to an Adversary-in-The-Middle (AiTM) attack, one of the most sophisticated and dangerous phishing techniques today.   What makes AiTM attacks even scarier is their commercialization. Cybercriminals can now buy ready-made AiTM phishing kits on the dark web, turning session hijacking into a booming business. In this article, we’ll break down how AiTM attacks work, share real-world examples, and arm you with actionable tips to protect yourself. What is an AiTM Attack?  An AiTM attack is a type of Man-in-The-Middle (MitM) attack where cybercriminals intercept and manipulate communication between you and a legitimate service. Unlike traditional phishing, AiTM attacks don’t just steal...

Fortifying Your Digital Realm: Unleashing the Power of Microsoft 365 Defender

Microsoft 365 Defender stands out from other cybersecurity solutions in several key ways, making it a compelling choice for organizations looking to bolster their security posture. Let's explore how it differs from other solutions: 1. Integrated Ecosystem: One of the primary differentiators of Microsoft 365 Defender is its integration with the broader Microsoft ecosystem. It seamlessly integrates with other Microsoft 365 products, such as Microsoft 365 and Azure Active Directory, creating a unified security platform. This integration allows for better visibility and correlation of security events across different services, enabling more effective threat detection and response. 2. Native to Microsoft 365: Unlike many third-party security solutions, Microsoft 365 Defender is native to the Microsoft 365 environment. This native integration provides several advantages, such as easier deployment, streamlined management, and automatic updates. It also means that Microsoft 365 Defender c...

LLMNR Name Poisoning

Active Directory Pentest Active Directory (AD) is a Microsoft technology that provides a centralized location for managing users, computers, and other resources within a network. As AD is a critical component of many enterprise networks, it is a common target for attackers looking to gain unauthorized access. An Active Directory Pentest, short for Penetration Test, is a security assessment that focuses on identifying and exploiting vulnerabilities within an AD environment. The goal of an AD Pentest is to simulate an attack from a malicious actor and identify weaknesses that could be exploited to compromise the security of the network. The results of an AD Pentest can provide valuable insight into the security posture of an organization and help inform decisions regarding security controls and risk management.   LLMNR Name Poisoning Link-Local Multicast Name Resolution (LLMNR) is a protocol used in modern Windows operating systems to resolve the IP addresses of nearby comput...

Flying FTP Server

This is for education purposes only. Before coming to the main topic of this article, I would like to introduce a good source of knowledge in the cybersecurity domain. This source may not be new to most of you, as you have been in the field for a long time. But anyway, I will keep a little note on this as I'm a huge fan of this Tech-Talk. The source is none other than the "DEFCON conference" YouTube channel. (In my inner thoughts, I am dying to participate in the actual conference one day😍.) DEFCON So, writing about DEFCON for the new people: DEFCON is one of the world's prime and most outstanding hacker conventions, held yearly in Las Vegas, Nevada. Simply, this is a place where all the hackers (people with exceptional technical knowledge and an out-of-the-box thinking pattern) get together and show off their research work and share knowledge. If you follow the below link, you will find the YouTube channel where you can view the tech talks in most of th...

WHID Injector: Next Level USB attack

This is for education purposes only. It's 2020, and I believe most of you (geeks, tech guys, IT pros, pentesters) have already heard of or know about keystroke injection tools such as Rubber Ducky and PHUKD. As with the above, many good research ideas have been published, such as Iron HID, Mousejack, and the coolest, USaBUSe. What is WHID Injector? If you are new to the topic, I will give a brief introduction to WHID Injectors. WHID stands for "Wifi HID." HID means a human interface device, i.e. mouse, keyboard. So you may wonder how the HID device has been transformed into WHID and used to conduct a cyber attack. Let's get into that in the next topic. First, we will explore how WHID is made. WHID contains two main elements. Primarily Atmega 32u4 (commonly used in many Arduino boards), featuring self-programming flash program memory, and ESP-12s, which provides the wifi capabilities and is widely used in IoT projec...