• Include anything related to website on public Internet which cause to disclose information
  • Hackers use these information in footprint process or social engineering attacks

Public source Examples

  • Search engine such as Google and Bing
  • Company website including contacts , job posting …
  • Robots.txt
  • View source or comments in HTML contents
  • , can view history of archived website
  • Social media websites like blogs and LinkedIn
  • Trusting fake websites and people (fake opening job in LinkedIn)
  • Geo location and addresses  (used with wireless attacks)
  • , search engine help for system banners
  • Google hacking , review my whitepaper “Maximizing SharePoint Security”
  • Google Hacking Database (GHDB) , search engine help in find vulnerabilities and exploits by search queries
  • Document’s metadata , contains information like name of users , OS created the document …

FOCA tool

How to use it

Create new project


Fill the fields and click Create


Click Search All


It will show list of files found it for this domain and metadata of these documents , you can then right click to Analyze Metadata in Metadata Summary node





How to use it

In Kali linux 2, run the following command:


Enter the name of the website , directory to save the result and the website to capture


Choose Action 1 and ignore the rest questions


Skipfish – Web application analysis tools


  • Web application scanner tool
  • Used for reconnaissance and build sitemap for the target website by using a recursive crawl and prebuild dictionaries (wordlists)
  • Generate graphical output as HTML file
  • Display Number of packets and HTTP connections sent
  • Help to identify common security risks like SQL injection and XSS flaws
  • Check SSL certificate validity
  • Can be used with Http authentication

How to use it

In Kali linux 2, run the following command:

Skipfish -h to lists its options

Skipfish -o <output location> <website target>



To end the scan before finish, type Ctrl+C

The output result in index.html file is easy to read and verify by testers



Securing JavaScript Code

Web Applications become heavily based on JavaScript code especially Single Page applications. Here I will list some important security controls and vulnerabilities commonly exist within JavaScript applications to be avoided or considered during developing your web applications.

Security Risks and Controls



Microsoft Advanced Threat Analytics

What is Microsoft Advanced Threat Analytics (ATA)?

ATA is an on-premises platform to identify advanced security attacks by automatically analyzing, learning, and identifying normal and abnormal entity behavior.

  • It is part of Microsoft Enterprise Mobility Suite
  • Help to detect attacks within a corporate network or especially for the compromised user credentials
  • Help to reduce the cost/damage of cybercrime
  • It’s extra layer of defense and you still need your other defenses like Firewall , IDS/IPS , Antivirus … etc
  • Help to find out the back-doors or botnet inside your network
  • Fast , Easy to install and No need to define rules with less false positives risks
  • Help to detect passive attacks before active attacks
  • ATA is based on UEBA
  • Does not affect existing network topology
  • It’s just listen and no extra traffic to introduce
  • Store data in MongoDB
  • Integrate with SIEM products seamlessly
  • Learn by behavoir and patterns and it doesn’t based on specific signature or common hacking tools

What is User and Entity Behavior (UEBA) ?

  • It’s a solution to monitor user behavior by using multiple data sources
  • Based on machine learning algorithms
  • Detect security breaches by evaluate the user activities

For example bank monitors your transactions behavior and if they see any suspicious transactions on your account then they will raise an alert , in the same way attacker can steal your account but it’s difficult to them to simulate your activities so ATA can address this situations.

UEBA has three components: data analytics , data integration and data presentation and result of these components to understand the normal/abnormal behavior and then identify the risks and take actions against them.


Good Resources for Microsoft Advanced Threat Analytics (ATA)