Swapneel Patnekar
-
Zerodha users targeted with a pig-butchering scam
—
by
Threat researchers at Shreshta have uncovered a pig-butchering scam targeting Zerodha users. The phishing websites are impersonating Zerodha, a reputed stockbroking and financial services company, duping investors into investing in fake crypto and investment schemes. What is a pig-butchering scam? A pig butchering scam, a.k.a. “Sha Zhu Pan” or Shazhupan, (Chinese: 杀猪盘), translated as Killing…
-
Whois API free
—
by
Are you looking for a reliable, easy-to-use, and free Whois API? Our new Whois API service offers fast, accurate domain information data, making it an ideal solution for security researchers, SOC analysts etc The Whois API provides the creation date and registrar name. The API requires no registration or token generation. The above request, returns…
-
ShadowFindr – Uncover domain shadowing attacks
—
by
At the DNS Community Day organized by DNS-OARC at the APRICOT 2024/APNIC 57 conference, we released ShadowFindr, a web tool to detect potential domain shadowing attacks. Who is living off your domain name? ShadowFindr is a web tool built for domain name registrants that helps identify potential domain shadowing attacks. We have written about domain…
-
Domain shadowing
—
by
Domain shadowing is a technique listed by MITRE ATT&CK as T1584.001 sub-technique of T1584 This technique is not to be confused with subdomain hijacking What is a domain shadowing attack? Threat actors gain control of the DNS control panel of legitimate domain names by brute force and stealthily insert subdomains pointing to the attackers’ network…
-
Web shell – A primer
—
by
What is a web shell? A web shell is a malicious script written using commonly used web application languages such as PHP, JSP, or ASP. They provide an attacker with a easy way to attack a compromised web server via web-based vulnerabilities, and once installed on a web server’s operating system, the web shell’s facilitate…
