Unformatted Attachment Preview
Golden eye
I
Golden eye
Contents
Introduction ........................................................................................................................................... 1
Kali Tools: ........................................................................................................................................... 1
❖
❖
❖
❖
Wireshark ............................................................................................................................... 1
Johan the Ripper..................................................................................................................... 1
OWASP Zed............................................................................................................................. 1
Golden eye ............................................................................................................................. 1
Tool Presentation ................................................................................................................................... 2
Tools features: ................................................................................................................................... 2
Keystrokes ...................................................................................................................................... 2
Web Spy ......................................................................................................................................... 2
Application Spy .............................................................................................................................. 2
File/Folder Operation Spy .............................................................................................................. 2
Screenshot Recorder ...................................................................................................................... 2
Start-up/Shutdown Spy.................................................................................................................. 2
Exe File Path Spy ............................................................................................................................ 2
Interface Overview................................................................................................................................. 3
Used Procedure..................................................................................................................................... 11
Results and Analysis .............................................................................................................................. 13
Countermeasures and Suggestions....................................................................................................... 16
Conclusion ............................................................................................................................................. 17
I
II
Golden eye
Table of figures
Figure 1 Main interface of Golden Eye .................................................................................................. 3
Figure 2 tools tabs .................................................................................................................................. 3
Figure 3 bottom bar of the tools............................................................................................................ 3
Figure 4 available mood ......................................................................................................................... 4
Figure 5 Report tab ................................................................................................................................ 5
Figure 6 report selection ........................................................................................................................ 5
Figure 7 Reply screenshot option .......................................................................................................... 6
Figure 8 Fined text option ...................................................................................................................... 6
Figure 9 delete selected record (A)........................................................................................................ 7
Figure 10 delete select record (B) .......................................................................................................... 7
Figure 11 delete all record (A) ............................................................................................................... 8
Figure 12 delete all record (B)................................................................................................................ 8
Figure 13 report output (A).................................................................................................................... 9
Figure 14 Monitoring tab ....................................................................................................................... 9
Figure 15 option tab.............................................................................................................................. 10
Figure 16 About tab .............................................................................................................................. 10
Figure71 Enable key board Monitor ..................................................................................................... 11
Figure71 Login to Facebook account .................................................................................................... 11
Figure 19 typing random Arabic letter .................................................................................................. 12
Figure 20: Screenshot setting ............................................................................................................... 12
Figure17 Keystrokes results .................................................................................................................. 13
Figure11 create report.......................................................................................................................... 13
Figure12 HTML report .......................................................................................................................... 14
Figure13 report result........................................................................................................................... 14
Figure 25: Screenshot result ................................................................................................................. 15
Figure 26: Bank's privet number ........................................................................................................... 15
II
III
Golden eye
Table of tables
Table 1 tool tabs overview ..................................................................................................................... 4
III
1
Golden eye
Introduction
Linux environment is well known secure environment, multiple factor play role in this strong
feature one major factor is that Linux have wide environmental diversity. Like there is many
of Linux shells and distributions, where the malicious attacker find it difficult target to attack
due to wide diversity. one of the best distribution for security purpose is Kali Linux where
announced on March 13, 2013 maintained and funded by offensive security Ltd. Kali is built
upon Debian operating system. It specialized for digital forensics and penetration testing.
Wireshark, nmap, Armitage, Johan the ripper password, OWASP ZAP and Brup suite are few
examples of preinstalled penetration testing program. Where it has over 300 preinstalled
testing program. Multiple choice to run kali environment: booting from hard disk, booting
from live CD or flash memory or by virtual machine.
The minimum requirement for kali installation is 10 GB hard disk, 512MB RAM for i386 and
AMD64 architecture. It is available for both 32- bit and 64-bit machine instruction set, also it
is available on some smartphone such as Nexus 5,6,7,9,10 and some of Samsung galaxy
smartphone.
Kali Tools:
As mentioned previously kali have over 300 preinstalled security tools, the following are the
most used and popular tools:
❖
Wireshark
Free and open source software released under terms of GNU public licences. Used by
professional and novice network analyser, it can be used for many purpose such as
educational uses or for monitoring, troubleshooting and analysing the network. It run on
different platform such us Linux, MacOs and windows.
❖
Johan the Ripper
One of the most used tool for password cracking, it run on different platform. Johan the
Ripper have different mode, one of them use dictionary attack. Another one is brute force
mode.
❖
❖
OWASP Zed
Open Source Web Application Security Scanner, used by professional security tester as well
as novice one. OWASP Zed have many feature such us: Traditional AJAX Web crawlers,
forced browsing and intercepting proxy server.
Golden eye
Spy software used for monitoring all the activity done on user computer. All activities are
recorded in a hidden file in different form. This report will shade light on this tool in details.
And we will test this tool on windows platform.
1
2
Golden eye
Tool Presentation
A powerful tool designed to monitoring and spying all kinds of movement in the device. It is
work like surveillance camera record all the activity done on the device, the result of the
process is stored on a secure file to return to it latter. Golden eye generates a report in
different format, an interactive report format and a Html report format.
Tools features:
The following are the available monitoring and spying built-in engines in golden eye
software:
Keystrokes
all the keystrokes are fully monitored, like for example Email, passwords, messages and
username.
Web Spy
record and monitor all visited websites, the only supported browser is internet explorer.
Application Spy
spy on all opened application window on the device.
File/Folder Operation Spy
record all operations and process done on files/folders, such as folder creation, file deletion
and so on.
Screenshot Recorder
it provides a full monitoring of device screen by take either a screenshot for an active
application or full screen screenshot. Screenshot can take every amount of time that the user
specified.
Start-up/Shutdown Spy
Record all shootdown/start-up with timestamp.
Exe File Path Spy
Record
the
Instant Messenger Spy
execute
file path
of
active
application.
Monitor and record all instant messages on instant messenger Like Yahoo Messenger, MSN
Messenger, etc.
2
3
Golden eye
Interface Overview
At the first stage, when you open Golden Eye tool the main interface is shown as in figure 1.
Figure 1 Main interface of Golden Eye
At the top of the interface there are many tabs user can move in between. Figure 2 show the
tabs available on the tools
Figure 2 tools tabs
As it appears in the figure 3, from the bottom bar appear in the main interface you can start
monitoring, stop, hide and exit the tool from this interface.
Figure 3 bottom bar of the tools
By
default, the selected tab in the interface is General tab, where on the right of the screen there
are two different mode to select, invisible mode in which the tool become invisible form user
computer and all shortcuts removed. To run the tools when it in invisible mood type
GoldenEye in the RUN menu.
The second one is Normal mode in which it visible to the user and it run normally – by
clicking on tools icon to open it –.
Figure 4 show both mode.
3
4
Golden eye
Figure 4 available mood
In table 1 more
detailed information about tool tabs (return to figure 2).
General
this tab selected by default as the main
interface of the tool. From this tab, you can
change the mode either to invisible or
normal mode.
Report
From this tab, you can see the result of your
monitoring and recording. There are many of
options to select Like Keystroke, website,
screenshot, etc. or you can select all option
to see the whole recording. Also, you can
delete, refresh the report and see the report
output.
Monitoring
From this tab, you can tick on what to
monitor and select some specification
Option
In this tab, you can change some option
related to password protection, hotkey, log
file, start and user account.
about
From this tab, you can check any update, and
there some information about tools.
Table 1 tool tabs overview
4
5
Golden eye
The second tab is report tab, where on the top of the interface you can select which report
information to include figure 5 show All option selected whre in figure 6 show only the
kestroks .
Figure 5 Report tab
Figure 6 report selection
In figure 7, when select repley secrenshot the interface “show secrenshot” and you can move
between the shots from the top buttns.
5
6
Golden eye
Figure 7 Reply screenshot option
Also , you can search the result by cliking on the finde icon.
Figure 8 Fined text option
6
7
Golden eye
In figure 9 and 10 show deletion process of a selected record
Figure 9 delete selected record (A)
Figure 10 delete select record (B)
7
8
Golden eye
While in figure 11 and 12 show deletion process of all records
Figure 11 delete all record (A)
Figure 12 delete all record (B)
8
9
Golden eye
To create a report in html format just we click on report output.
Figure 13 report output (A)
In monitoring tab, we can change the specification of monitoring for screenshot, keyboard
and password, internet, clipboard, application, File/folder operation and messages.
Figure 14 Monitoring tab
9
10
Golden eye
In option tab the user can modfiy the configurition of tools ,like passowred protiction where
you can show the tools only by entring passwored. And many others configration.
Figure 15 option tab
Finally, About tab include information about the tool and to check any update for tool.
Figure 16 About tab
10
11
Golden eye
Used Procedure
We started the test procedure by downloading Golden eye software on windows 10. The first
test we used is "Keystrokes" monitoring and Window titles recording. First, we open the
software then from Monitoring tab, we check "Enable key board Monitor" and "Enable
Window Title Monitoring" then we click on Start Monitoring button.
Figure71 Enable key board Monitor
We test the recording of password typing by logging in to Facebook account and see if the
software will record the password with website’s window title or not.
Figure71 Login to Facebook account
11
12
Golden eye
Also, we test it by typing random letters in Arabic in Google translation and different
keystrokes.
Figure 19 typing random Arabic letter
The second test we used is "Screenshot" monitoring. We put the setting on take screenshot
picture every 20 seconds.
Figure 20: Screenshot setting
After that, we did some bank activity in Alahli Online website while the Golden Eye tacking
screenshot.
12
13
Golden eye
Results and Analysis
After testing Keystrokes Monitor capability, we found the following:
1) When we open the software with "Report" tab and choose Keystrokes radio button,
we see all the keystrokes recorded with username that logged in to PC, Time
including date & time, Type, and content. The last row represents the password for
the Facebook account.
Figure17 Keystrokes results
2) When we click on "Report Output" button then choose Keystrokes and Window Title
then clicks on "Create Report" button. HTML page has been created with all details.
Figure11 create report
13
14
Golden eye
Figure12 HTML report
Here we see that the Facebook window title and Password has been recorded which is very
easy to attacker to recognize that the recorded pattern is a password for Facebook account by
Window title record and Time.
Figure13 report result
14
15
Golden eye
After finishing the bank activity to test Screenshot Monitor capability, Golden Eye tack
screenshots for different website’s pages.
Figure 25: Screenshot result
Some of these images shot a really sensitive information like one of privet number for the
back account. This information make guessing privet number easier for the spy. The good
thing here is Alahli Online website does not show whole numbers at the same moment, it
shows the number in the fields one by one which make this difficult to spy on it through
screenshot.
Figure 26: Bank's privet number
15
16
Golden eye
Countermeasures and Suggestions
There are many ways to protect our systems from spying, these some of procedures that use
to fight spyware:
1) Installing anti-spyware
Nowadays, it is very important to have anti-spyware as essential as having antivirus
software. Installing an anti-spyware like Spy Sweeper is one of common ways to protect
your information from the spies. These types of software work on scanning the system to
extract the known spyware files. It is hard to defined a way to track suspicious activities,
so anti-spyware need to be connecting with Internet for subscription service. This service
will update known spyware list continuously.
2) Flow the anti-spyware policies
Installing anti-spyware is not enough, appropriate policies must be in place in order to protect
our system. These are some of main policies:
•
•
•
•
•
Block all the unknown pop-up windows in browser like anonymous advertising
source or asking to download something.
Deleting or blocking the cookies that contain a sensitive information because any
website can read any cookie that saved in the machine.
Configured the browser to block any scripts that run without user permission.
Never download unknown or suspicious attachments in email because they might be
unsafe.
Never download any browser skin, utility, application, or screen saver from
untrustworthy websites.
16
17
Golden eye
Conclusion
In conclusion, computer security culture is very important for each user whatever his
experience. Nowadays there are many of technologies and tools used either to attack and
harm others or to save and protect our data and devices. Spying on others considered a
cybercrime, unfortunately many tools available for spying propose. In the other hands
thousands of techniques used to protect our data and devices against spy attack.
In tools presentation section of this paper we present Golden eye tool, it is one of the
tools available on kali Linux and windows operating system, it for spying and monitoring
user activity on the device. It has many feature like for example keystrokes spay this
feature record whatever the user click on his keyboard in which his typing is saved in the
tool so that the attacker easily can have all the user sensitive data like his passwords.
In the last section, the countermeasures were introduced. The suggestion was to follow
one of the two ways to protect our devices from spyware. The first procedure is to Install
anti-spyware were These types of software work on scanning the system to extract the
known spyware files. The second procedure is to flow the anti-spyware policies.
17
Computer Data Security and Privacy
Topic of the project Hydra (KaLi tool)
This project is meant to provide you with practical experience in Computer Data Security and Privacy.
Specifically, the objectives of this project are:
- To give a new user some basic idea of security tools in Kali Linux.
- To practice some professional communication skills with your team and different stakeholders.
Project Description:
Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security
Auditing. Kali contains several hundred tools aimed at various information security tasks, such as
Penetration Testing, Forensics and Reverse Engineering. Kali Linux is developed, funded and
maintained by Offensive Security, a leading information security training company.
1. Project submission:
- You should deliver a report that provides the tool presentation, the used procedure, the result and
the proposed solution.
2. Plagiarism:
- Your report should reflect your own ideas and work.
- You will submit the report as a safe assignment, which checks the percentage of plagiarism.
8. Report Structure:
-
15 to 25 pages
Font size :12 for all the text , Bold for the titles , font : Types new Romance , line and paragraph
spacing " 1" and header include " page number , title of the project " .
Report Structure :
Introduction (1 point)
Tool presentation (2 points)
Used procedure (2 points)
Result and Analysis (2 points)
Countermeasures (2 points)
Conclusion (1 point)
Golden eye
I
Golden eye
Contents
Introduction ........................................................................................................................................... 1
Kali Tools: ........................................................................................................................................... 1
❖
❖
❖
❖
Wireshark ............................................................................................................................... 1
Johan the Ripper..................................................................................................................... 1
OWASP Zed............................................................................................................................. 1
Golden eye ............................................................................................................................. 1
Tool Presentation ................................................................................................................................... 2
Tools features: ................................................................................................................................... 2
Keystrokes ...................................................................................................................................... 2
Web Spy ......................................................................................................................................... 2
Application Spy .............................................................................................................................. 2
File/Folder Operation Spy .............................................................................................................. 2
Screenshot Recorder ...................................................................................................................... 2
Start-up/Shutdown Spy.................................................................................................................. 2
Exe File Path Spy ............................................................................................................................ 2
Interface Overview................................................................................................................................. 3
Used Procedure..................................................................................................................................... 11
Results and Analysis .............................................................................................................................. 13
Countermeasures and Suggestions....................................................................................................... 16
Conclusion ............................................................................................................................................. 17
I
II
Golden eye
Table of figures
Figure 1 Main interface of Golden Eye .................................................................................................. 3
Figure 2 tools tabs .................................................................................................................................. 3
Figure 3 bottom bar of the tools............................................................................................................ 3
Figure 4 available mood ......................................................................................................................... 4
Figure 5 Report tab ................................................................................................................................ 5
Figure 6 report selection ........................................................................................................................ 5
Figure 7 Reply screenshot option .......................................................................................................... 6
Figure 8 Fined text option ...................................................................................................................... 6
Figure 9 delete selected record (A)........................................................................................................ 7
Figure 10 delete select record (B) .......................................................................................................... 7
Figure 11 delete all record (A) ............................................................................................................... 8
Figure 12 delete all record (B)................................................................................................................ 8
Figure 13 report output (A).................................................................................................................... 9
Figure 14 Monitoring tab ....................................................................................................................... 9
Figure 15 option tab.............................................................................................................................. 10
Figure 16 About tab .............................................................................................................................. 10
Figure71 Enable key board Monitor ..................................................................................................... 11
Figure71 Login to Facebook account .................................................................................................... 11
Figure 19 typing random Arabic letter .................................................................................................. 12
Figure 20: Screenshot setting ............................................................................................................... 12
Figure17 Keystrokes results .................................................................................................................. 13
Figure11 create report.......................................................................................................................... 13
Figure12 HTML report .......................................................................................................................... 14
Figure13 report result........................................................................................................................... 14
Figure 25: Screenshot result ................................................................................................................. 15
Figure 26: Bank's privet number ........................................................................................................... 15
II
III
Golden eye
Table of tables
Table 1 tool tabs overview ..................................................................................................................... 4
III
1
Golden eye
Introduction
Linux environment is well known secure environment, multiple factor play role in this strong
feature one major factor is that Linux have wide environmental diversity. Like there is many
of Linux shells and distributions, where the malicious attacker find it difficult target to attack
due to wide diversity. one of the best distribution for security purpose is Kali Linux where
announced on March 13, 2013 maintained and funded by offensive security Ltd. Kali is built
upon Debian operating system. It specialized for digital forensics and penetration testing.
Wireshark, nmap, Armitage, Johan the ripper password, OWASP ZAP and Brup suite are few
examples of preinstalled penetration testing program. Where it has over 300 preinstalled
testing program. Multiple choice to run kali environment: booting from hard disk, booting
from live CD or flash memory or by virtual machine.
The minimum requirement for kali installation is 10 GB hard disk, 512MB RAM for i386 and
AMD64 architecture. It is available for both 32- bit and 64-bit machine instruction set, also it
is available on some smartphone such as Nexus 5,6,7,9,10 and some of Samsung galaxy
smartphone.
Kali Tools:
As mentioned previously kali have over 300 preinstalled security tools, the following are the
most used and popular tools:
❖
Wireshark
Free and open source software released under terms of GNU public licences. Used by
professional and novice network analyser, it can be used for many purpose such as
educational uses or for monitoring, troubleshooting and analysing the network. It run on
different platform such us Linux, MacOs and windows.
❖
Johan the Ripper
One of the most used tool for password cracking, it run on different platform. Johan the
Ripper have different mode, one of them use dictionary attack. Another one is brute force
mode.
❖
❖
OWASP Zed
Open Source Web Application Security Scanner, used by professional security tester as well
as novice one. OWASP Zed have many feature such us: Traditional AJAX Web crawlers,
forced browsing and intercepting proxy server.
Golden eye
Spy software used for monitoring all the activity done on user computer. All activities are
recorded in a hidden file in different form. This report will shade light on this tool in details.
And we will test this tool on windows platform.
1
2
Golden eye
Tool Presentation
A powerful tool designed to monitoring and spying all kinds of movement in the device. It is
work like surveillance camera record all the activity done on the device, the result of the
process is stored on a secure file to return to it latter. Golden eye generates a report in
different format, an interactive report format and a Html report format.
Tools features:
The following are the available monitoring and spying built-in engines in golden eye
software:
Keystrokes
all the keystrokes are fully monitored, like for example Email, passwords, messages and
username.
Web Spy
record and monitor all visited websites, the only supported browser is internet explorer.
Application Spy
spy on all opened application window on the device.
File/Folder Operation Spy
record all operations and process done on files/folders, such as folder creation, file deletion
and so on.
Screenshot Recorder
it provides a full monitoring of device screen by take either a screenshot for an active
application or full screen screenshot. Screenshot can take every amount of time that the user
specified.
Start-up/Shutdown Spy
Record all shootdown/start-up with timestamp.
Exe File Path Spy
Record
the
Instant Messenger Spy
execute
file path
of
active
application.
Monitor and record all instant messages on instant messenger Like Yahoo Messenger, MSN
Messenger, etc.
2
3
Golden eye
Interface Overview
At the first stage, when you open Golden Eye tool the main interface is shown as in figure 1.
Figure 1 Main interface of Golden Eye
At the top of the interface there are many tabs user can move in between. Figure 2 show the
tabs available on the tools
Figure 2 tools tabs
As it appears in the figure 3, from the bottom bar appear in the main interface you can start
monitoring, stop, hide and exit the tool from this interface.
Figure 3 bottom bar of the tools
By
default, the selected tab in the interface is General tab, where on the right of the screen there
are two different mode to select, invisible mode in which the tool become invisible form user
computer and all shortcuts removed. To run the tools when it in invisible mood type
GoldenEye in the RUN menu.
The second one is Normal mode in which it visible to the user and it run normally – by
clicking on tools icon to open it –.
Figure 4 show both mode.
3
4
Golden eye
Figure 4 available mood
In table 1 more
detailed information about tool tabs (return to figure 2).
General
this tab selected by default as the main
interface of the tool. From this tab, you can
change the mode either to invisible or
normal mode.
Report
From this tab, you can see the result of your
monitoring and recording. There are many of
options to select Like Keystroke, website,
screenshot, etc. or you can select all option
to see the whole recording. Also, you can
delete, refresh the report and see the report
output.
Monitoring
From this tab, you can tick on what to
monitor and select some specification
Option
In this tab, you can change some option
related to password protection, hotkey, log
file, start and user account.
about
From this tab, you can check any update, and
there some information about tools.
Table 1 tool tabs overview
4
5
Golden eye
The second tab is report tab, where on the top of the interface you can select which report
information to include figure 5 show All option selected whre in figure 6 show only the
kestroks .
Figure 5 Report tab
Figure 6 report selection
In figure 7, when select repley secrenshot the interface “show secrenshot” and you can move
between the shots from the top buttns.
5
6
Golden eye
Figure 7 Reply screenshot option
Also , you can search the result by cliking on the finde icon.
Figure 8 Fined text option
6
7
Golden eye
In figure 9 and 10 show deletion process of a selected record
Figure 9 delete selected record (A)
Figure 10 delete select record (B)
7
8
Golden eye
While in figure 11 and 12 show deletion process of all records
Figure 11 delete all record (A)
Figure 12 delete all record (B)
8
9
Golden eye
To create a report in html format just we click on report output.
Figure 13 report output (A)
In monitoring tab, we can change the specification of monitoring for screenshot, keyboard
and password, internet, clipboard, application, File/folder operation and messages.
Figure 14 Monitoring tab
9
10
Golden eye
In option tab the user can modfiy the configurition of tools ,like passowred protiction where
you can show the tools only by entring passwored. And many others configration.
Figure 15 option tab
Finally, About tab include information about the tool and to check any update for tool.
Figure 16 About tab
10
11
Golden eye
Used Procedure
We started the test procedure by downloading Golden eye software on windows 10. The first
test we used is "Keystrokes" monitoring and Window titles recording. First, we open the
software then from Monitoring tab, we check "Enable key board Monitor" and "Enable
Window Title Monitoring" then we click on Start Monitoring button.
Figure71 Enable key board Monitor
We test the recording of password typing by logging in to Facebook account and see if the
software will record the password with website’s window title or not.
Figure71 Login to Facebook account
11
12
Golden eye
Also, we test it by typing random letters in Arabic in Google translation and different
keystrokes.
Figure 19 typing random Arabic letter
The second test we used is "Screenshot" monitoring. We put the setting on take screenshot
picture every 20 seconds.
Figure 20: Screenshot setting
After that, we did some bank activity in Alahli Online website while the Golden Eye tacking
screenshot.
12
13
Golden eye
Results and Analysis
After testing Keystrokes Monitor capability, we found the following:
1) When we open the software with "Report" tab and choose Keystrokes radio button,
we see all the keystrokes recorded with username that logged in to PC, Time
including date & time, Type, and content. The last row represents the password for
the Facebook account.
Figure17 Keystrokes results
2) When we click on "Report Output" button then choose Keystrokes and Window Title
then clicks on "Create Report" button. HTML page has been created with all details.
Figure11 create report
13
14
Golden eye
Figure12 HTML report
Here we see that the Facebook window title and Password has been recorded which is very
easy to attacker to recognize that the recorded pattern is a password for Facebook account by
Window title record and Time.
Figure13 report result
14
15
Golden eye
After finishing the bank activity to test Screenshot Monitor capability, Golden Eye tack
screenshots for different website’s pages.
Figure 25: Screenshot result
Some of these images shot a really sensitive information like one of privet number for the
back account. This information make guessing privet number easier for the spy. The good
thing here is Alahli Online website does not show whole numbers at the same moment, it
shows the number in the fields one by one which make this difficult to spy on it through
screenshot.
Figure 26: Bank's privet number
15
16
Golden eye
Countermeasures and Suggestions
There are many ways to protect our systems from spying, these some of procedures that use
to fight spyware:
1) Installing anti-spyware
Nowadays, it is very important to have anti-spyware as essential as having antivirus
software. Installing an anti-spyware like Spy Sweeper is one of common ways to protect
your information from the spies. These types of software work on scanning the system to
extract the known spyware files. It is hard to defined a way to track suspicious activities,
so anti-spyware need to be connecting with Internet for subscription service. This service
will update known spyware list continuously.
2) Flow the anti-spyware policies
Installing anti-spyware is not enough, appropriate policies must be in place in order to protect
our system. These are some of main policies:
•
•
•
•
•
Block all the unknown pop-up windows in browser like anonymous advertising
source or asking to download something.
Deleting or blocking the cookies that contain a sensitive information because any
website can read any cookie that saved in the machine.
Configured the browser to block any scripts that run without user permission.
Never download unknown or suspicious attachments in email because they might be
unsafe.
Never download any browser skin, utility, application, or screen saver from
untrustworthy websites.
16
17
Golden eye
Conclusion
In conclusion, computer security culture is very important for each user whatever his
experience. Nowadays there are many of technologies and tools used either to attack and
harm others or to save and protect our data and devices. Spying on others considered a
cybercrime, unfortunately many tools available for spying propose. In the other hands
thousands of techniques used to protect our data and devices against spy attack.
In tools presentation section of this paper we present Golden eye tool, it is one of the
tools available on kali Linux and windows operating system, it for spying and monitoring
user activity on the device. It has many feature like for example keystrokes spay this
feature record whatever the user click on his keyboard in which his typing is saved in the
tool so that the attacker easily can have all the user sensitive data like his passwords.
In the last section, the countermeasures were introduced. The suggestion was to follow
one of the two ways to protect our devices from spyware. The first procedure is to Install
anti-spyware were These types of software work on scanning the system to extract the
known spyware files. The second procedure is to flow the anti-spyware policies.
17