#Security
12 posts
-
explanation: The Michael Shutdown Attack — A Wi-Fi DoS That Weaponizes TKIP's Own Defense
The Michael shutdown attack (the TKIP MIC countermeasure attack) is a DoS that weaponizes the very defense — the '60-sec...
-
explanation: Evil Twin Attack Explained — How a Rogue AP Impersonates a Network with the Same SSID, and How to Defend
An Evil Twin attack stands up a rogue access point that impersonates a legitimate AP by broadcasting the same SSID — usu...
-
explanation: Deauthentication Attack — How Wi-Fi Disconnect Attacks Work and How PMF Stops Them
A Deauthentication Attack spoofs the IEEE 802.11 Deauthentication management frame (Subtype 0x0C) to force open Wi-Fi se...
-
explanation: Ghidra — How NSA's Open-Source Reverse Engineering Suite Works
Ghidra is the reverse-engineering suite the NSA used internally and then released as OSS under Apache License 2.0 at RSA...
-
explanation: Firewalls Explained — Five Generations, Stateful, NGFW / WAF / Cloud SGs
A firewall is an access-control device that drops any traffic that doesn't match a defined rule. Starting with DEC SEAL...
-
explanation: ASM Explained — Attack Surface Management / EASM, CAASM, DRPS
ASM (Attack Surface Management) is the security discipline of discovering every entry point an attacker can see into you...
-
explanation: Ransomware — How It Works, Notable Incidents, and How to Defend
Ransomware is malware that 'encrypts files and demands a ransom for the decryption key'. Its ancestor is the 1989 AIDS T...
-
explanation: Trojan Horse Explained — Types, Delivery Vectors, and Defenses
A Trojan horse is malware that disguises itself as legitimate software so the user installs it themselves. Unlike viruse...
-
explanation: DDoS Explained — Mechanics, Categories, and Defenses
DDoS (Distributed Denial of Service) is the attack of burying a target under legitimate-looking requests, and because it...
-
explanation: Buffer Overflow Explained — Stack Mechanics, Exploits, and Mitigations
Buffer overflow — writing past the end of an allocated buffer and corrupting adjacent memory — is the classic C/C++ vuln...
-
explanation: Kali Linux — The Pentest Distribution: Its Tools and How to Use Them
Kali Linux is the Debian-based 'attacker-optimised' Linux distribution maintained by Offensive Security (now OffSec), sh...
-
explanation: HTTP/HTTPS
HTTP/HTTPS is the protocol the World Wide Web uses to move content. This article covers the request/response structure,...