Daniel Roberson

credential stuffing

0001-01-01

credential stuffing is a cyberattack where the attackers take stolen credentials from one source, and try them across a wide variety of systems.

For example, if someone’s book club is breached and they login as sallyluvzbooks@gmail.com with a password of “Dickens1234!”, the attacker would try these against Gmail, Netflix, Spotify, and a number of others to gain additional access.

https://en.wikipedia.org/wiki/Credential_stuffing

Links to this note

Recent Posts

Linux Persistence: Modular Software

2025-04-17 DFIR CTF persistence linux persistence apache asterisk

Linux Persistence: Web Shells

2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP

Linux Persistence: Rootkits

2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking

Linux Persistence: Processes

2025-04-11 DFIR persistence processes linux persistence processes

Defanging Linux LKM Rootkits With cleanup_module()

2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit