Cyber Security and Cyber Forensics Articles/Tutorials

Windows registry analysis is an integral part of generating or gathering evidence against cyber crimes. Every operating system has its own file system and its own registry. The registry is a database of stored configuration information about the users, hardware, and software on a Windows system. Although the registry was designed to configure the system, to do so, it tracks such a plethora of information about the user's activities, the devices connected to system, what software was used and when, etc. All of this can be useful for the forensic investigator in tracking the who, what, where, and when of a forensic investigation.  In Case of windows registry, there are root folders. These root folders are referred to as hives. There are five (5) registry hives. 1. HKEY_USERS: contains all the loaded user profiles 2. HKEYCURRENT_USER : profile of the currently logged-on user 3. HKEYCLASSES_ROOT: configuration information on the application used to open files 4. HK...

JSQL is a lightweight application that is inbuilt in kali linux but it is  open source and platform independent  (Windows, Linux, Mac OS X, Solaris).   used to find database information from a distant server. This is another injection tool just like SQLMAP but is a lot more user friendly cause SQLMAP is command line based whereas JSQL is Graphical User Interface(GUI) Based. If you guys haven't seen the article and tutorial on SQLMAP then click here . JSQL is more convenient and more easier to use as no commands will be used to perform injection.  As JSQL is platform independent interested people can download it in their respective platform or can use it easily if they are using kali linux. In this tutorial i am going to use kali linux and JSQL is already installed in kali linux. JSQL is under Application-> Database Assessment-> JSQL Injection .   First thing that we will require is the url of the website that we want to hack...

Making own dictionary from words not listed in the normal English dictionary can be helpful specially for people who want to crack passwords based on some person's name, surname or native language words( Example Nepali word, Hindi Word etc). Since most of the word list that are used to hack into a system or crack passwords contain words from English dictionary, passwords such as name of person, surname of person, pet-name and specially words of native language aren't included in that word list as they aren't defined in the English dictionary. This is one the most crucial drawback of dictionary attack. Apart from selective words problem, dictionary attacks usually take lot of time cause they attempt all the words present in the word-list as passwords to crack the authentication system. If we make our own dictionary then it will also help in saving time. But making our own dictionary can only be helpful to only those people who have a hint to what the password might be an...

In current context of digitized  world where everything is done over internet, lot of information can be found online. The data can either be private to people or can be public to everyone with no privacy. Everyday lots of data are getting stored in different databases of different websites throughout the world and it is becoming harder to store and protect the data from evasion at the same time. Unauthorized access to such databases can lead to leak of large amount of confidential information related to a person or even an organization. Hackers tend to steal a lot of information through such database by getting either getting authorized or unauthorized access. One of the most common method to get an access to the information's available in a websites database is SQL injection based attacks.  SQL Injection is a type of an  injection  attack that makes it possible to execute malicious SQL Statements.  With the right set of queries, a user can gain access, u...