Security – Tackling the hard problems
This is a quick chat from David Irvine, CEO of MadeSafe The world forces us to change. Private and public info is everywhere now. It was fine, till the companies…
Building a PWA vuejs app with wordpress API – Part 1
Building a PWA vuejs app with wordpress API - Part 1 The aim in this is to make an offline-first PWA with vuejs / axios / bootstrap using wordpress as…
image courtesy of https://www.flickr.com/photos/christiaancolen/20607701226
OS Detection Techniques
Os Detection Techniques and OS fingerprinting Os Detection Techniques - Background information This is a list of Os Detection Techniques, with explanations for all the active and passive Os Detection…
Kioptrix Walkthrough Guide
I have decided to start studying towards a CISSP and / or an OSCP, as part of that I saw an excellent blog post recommending to go through a lot…
Website crawler software kali linux
Spidering a web application using website crawler software in kali linux There are lots of tools to spider a web application (an companies which are based on this tech, eg…
image courtesy of https://www.flickr.com/photos/christiaancolen/20607701226
WordPress Security
This is a WordPress Security mega-post containing a lot of best-practice information on securing, hardening, updating and maintaining a Wordpress site.Used by more than 60 million websites, including 30% of…
Mod Security Web Application Firewall
What is a WAF A WAF is a web application firewall. A Web Application Firewall protects HTTP applications (eg websites) using a set of rules to protect against various common…
Metasploit for website pentest
Metasploit for website pentest using wmap. This is a short tutorial on using the wmap module inside metasploit. Wmap is a web application scanner that runs within metasploit. We can…
xdebug in brackets editor
Remote Debugging PHP in Brackets with XDebug prereqs: This post assumes you already have: a working xdebug installBrackets How to get Xdebug working with Brackets? Open BracketsGoto the extensions tab…
Remote Debugging PHP in Eclipse with XDebug
Remote Debugging PHP in Eclipse with XDebug prereqs: 1) This post assumes you already have a working xdebug install2) Eclipse Configuring Eclipse and Xdebug Open Eclipse Inside Eclipse, goto preferences…
service-oriented architecture and frameworks – SOA frameworks
service-oriented architecture and frameworks IntroductionPapazoglou, (2003) organised SOA in four architectural layers: Service Foundations, Service Composition, Service Management and Service Engineering and outlined a host of technologies that could be…
How to use metasploit to scan for vulnerabilities
Continuing on from my original metasploit beginners tutorial, here is a slightly more advanced Metasploit tutorial on how to use metasploit to scan for vulnerabilities. The outcome of this tutorial…
Coding in php on android
It turns out that coding in php on android is possible (even if its not as good as on a mac, linux or even windows). In this blog post I'll…
Ad blocking on android using dns666
Ad blocking on android using dns666. There are a ton of ad blocking apps on android, but dns666 is the best I've found after trying a number of them out…
Laravel quickstart gist using craftable and existing database schema
Laravel quickstart gist using craftable and existing database schema to generate models, etc from existing database schema. cd ~/git brew install nmp brew install nodejs curl -sS https://getcomposer.org/installer | php…
Php fpm with apache on centos7
This is a short post detailing how to manually setup php fpm with apache on centos7. php fpm is a great solution (especially when used with nginx, but you may…
Burpsuite beginners tutorial – how to use burp suite
This is a burp suite beginners tutorial. Burpsuite is a collection of tools, written in Java used to perform various network security related tasks. Burpsuite can be used as a…
Installing mariadb 10.2 mysql 5.7 in centos
Installing mariadb 10.2 mysql 5.7 in centos If you use the following method to install the latest mariadb, updates will be installed with the regular yum update commands! The first…
Mining monero in osx using xmring
There are a couple of things you need for mining monero in osx using xmring: 1) A monero wallet (get one from mymonero.com) 2) Homebrew (brew.sh) mining monero in osx…
Kali on the Chuwi Hi10 Pro – updated for Kali 2020
This post is now updated with install information for using 2020 versions of Kali on the Chuwi Hi10 Pro. When I first wrote this post I seriously wouldn't have recommended…
Chuwi Hi10 Pro ultrabook tablet convertable surface
Chuwi Hi10 Pro ultrabook tablet convertable surface - That's some title, but I'm not sure how to describe my new machine. Its a tablet, but its also a laptop -…
Linux commands for networking with command line
This post has a collection of Linux commands for networking. There are basic linux network commands, advanced linux network commands and some centos network configuration commands, but I've tried to…
Mining altcoins in centos with minergate
Altcoins exploded in 2015. Minergate is a nice little site that offers various GUI clients for cpu and gpu mining. This is a short little post about mining altcoins in…
How to install birdwatcher in kali linux
How to install birdwatcher in kali linux Birdwatcher is an OSINT data analysis and data gathering tool for twitter. Birdwatcher has been designed to feel like metasploit or recon-ng, so…
Install php7 on centos7
There are a couple of different ways to install php7 on centos7 - Installing yum-plugin-replace and inline-replaceing the whole php subsystem seems to be the easiest way: You need to…
Configuring free SSL certs with Letsencrypt in centos
Configuring free ssl certs with letsencrypt in centos Using letsencrypt in centos requires a few modifications to your centos before you can run the letsencrypt client. The setup for vhosts…
Pihole on a raspberry pi
Pihole on a raspberry pi - making a network wide advert blocker with a raspberry pi. I have a router using dnsmasq with adblocking setup on my router. I also…
Hardening ssl ciphers
Hardening ssl ciphers. I wrote a post previously about disabling sslv2 and enabling sslv3 and tlsv1. Times have changed since then, its been best-practice for a long time now to…
Ddwrt dnsmasq caching dns server
This post will explain ddwrt dnsmasq caching dns server configuration Using a ddwrt dnsmasq caching dns server lets machines in your LAN resolve DNS from a machine inside your local…
Wapiti tutorial
This post is a wapiti tutorial. You'll find various wapiti options, how to import wapiti scan results into metasploit and how you can disable wapiti modules to speed up your…
Using dnsmasq as an internal DNS server to block online adverts
This post will show you how to setup dnsmasq in order to serve dns requests for (multiple) internal domains - using dnsmasq as an internal DNS server. Using this setup…
Importing nessus6 scan results into metasploit
This is a quick post about importing nessus6 scan results into metasploit. This can be very useful for adding a ton of information into a new Metsploit database, or adding…
Multiple ip addresses on one physical NIC using virtual NICs in centos
Multiple ip addresses on one physical NIC. I have a gigabyte brix running esxi to host a few virtualised servers. I have one server for my web development. I have…
Installing mongodb on centos7
Installing mongodb on centos7: To install the mongodb server in centos7 first you have to add the mongodb repo: vim /etc/yum.repos.d/mongodb.repo Paste this into the file: [mongodb] name=MongoDB Repository baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/…
What is an sql injection attack
What is an sql injection attack? All websites process data entered by users. An input-validation attack is when unexpected user input is processed by a web server or database and…
SSHFS mount remote drive in finder
This post will show you how to mount a remote ssh filesystem as a 'drive' in osx using a bash script, osxfuse and brew. There are a few ways to…
Nikto tutorial for kali linux
This is a basic nikto tutorial for kali linux. It will get you started with nikto. For advanced usage, see 'man nikto' or the cirt website Nikto is a web…
Portfolio – Jonathan Mitchell MSc BSc MBCS
Jonathan Mitchell Portfolio About Me I have a BSc in Electronic Engineering, and an MSc in Advanced Computer Systems Development with Distinction. I was awarded the University Court Medal for…
Oracle process overview
Oracle process overview. There are 3 types of oracle processes: USER processes SERVER processes BACKGROUND processes User connected to a user application (eg sql*plus) controls the application associated with an…