Os Detection Techniques and OS fingerprinting Os Detection Techniques – Background information This is a list of Os Detection Techniques, with explanations for all the active and passive Os Detection Techniques I can find for remote operating system identification – there is a massive list of sources at the end. Read more…
I have decided to start studying towards a CISSP and / or an OSCP, as part of that I saw an excellent blog post recommending to go through a lot of CTF challenges from vulnhub.com. These are my Kioptrix walkthrough guides / findings and observations for each of the first Read more…
This is a WordPress Security mega-post containing a lot of best-practice information on securing, hardening, updating and maintaining a WordPress site. Used by more than 60 million websites, including 30% of the top 10 million websites as of April 2018, WordPress is the most popular website management system in use. Read more…
Installing and configuring the fail2ban centos service fail2ban is a service for linux systems that checks log files for failed login attempts and automatically inserts firewall rules to block further attempts at logins from those IP addresses for a specified amount of time. Installing fail2ban on centos is relatively easy Read more…
This tutorial will show you how to make a Raspberry Pi hack tool by installing Kali on the Raspberry Pi – by the end of this guide you will have a Kali Raspberry Pi hacking tool with lots of tools ready for use! Install Kali on the Raspberry Pi Following Read more…
If you have ssh with keys for authentication setup on your system, and you use vagrant then you can combine the two to have all your ssh keys automatically shared with your vagrant machine vim ~/.ssh/config Host 192.168.x.x ForwardAgent Read more…
Vagrant with sshfs. You can use sshfs in vagrant with only a private network. This is fine if you are doing all your devlopment from a single machine and dont need to access the vagrant box from your network, but if you need to run some testing from an external Read more…
Metasploitable background: What is metasploitable? “Metasploitable is a Virtual Machine that is built from the ground up with a large amount of security vulnerabilities. It is intended to be used as a target for testing exploits with metasploit.” Why do we need metasploitable? One of the problems you encounter when Read more…
Continuing on from my original metasploit beginners tutorial, here is a slightly more advanced Metasploit tutorial on how to use metasploit to scan for vulnerabilities. The outcome of this tutorial will be to gather information on a host and its running services and their versions and vulnerabilities, rather than to Read more…
It turns out that coding in php on android is possible (even if its not as good as on a mac, linux or even windows). In this blog post I’ll go into some editors, IDE’s and other options for editing php code (and running a development LAMP stack) on your Read more…
This is a short post on how to setup a dvwa vagrant box for your testing. I recommend this method when installing and testing new tools (and even for developing tools of your own) – there are known vulnerabilities in this system, so you can use the scientific method while Read more…
I have a router running dd-wrt. sometimes the dd-wrt web ui crashes and you cant access the interface, but your WAN connection works, and you can still login via ssh On the dd-wrt command-line there are a couple of utilities available to let you start and stop services. If your Read more…
Pihole on a raspberry pi – making a network wide advert blocker with a raspberry pi. I have a router using dnsmasq with adblocking setup on my router. I also have a raspberry pi (which was being used as a retropi machine). I also have a Pizero. My retropi setup Read more…
Hardening ssl ciphers. I wrote a post previously about disabling sslv2 and enabling sslv3 and tlsv1. Times have changed since then, its been best-practice for a long time now to only use tlsv1.1 and tlsv1.2 with forward secrecy. This post replaces the previous post, and will be updated with the Read more…
This post will explain ddwrt dnsmasq caching dns server configuration Using a ddwrt dnsmasq caching dns server lets machines in your LAN resolve DNS from a machine inside your local network, ultimately reducing the time to resolve an IP address from a domain name. If there is a result in Read more…
[et_pb_section fb_built=”1″ admin_label=”section” _builder_version=”3.0.47″][et_pb_row admin_label=”row” _builder_version=”3.0.48″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.0.47″ parallax=”off” parallax_method=”on”][et_pb_text admin_label=”Text” _builder_version=”3.0.74″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”] This is a short post on Installing vagrant on centos 7. First, you need to download vagrant – head over to http://www.vagrantup.com/downloads and copy the url to the current vagrant package in Read more…
This post will show you how to mount a remote ssh filesystem as a ‘drive’ in osx using a bash script, osxfuse and brew. There are a few ways to go about this, all of them require a bit of setup and tweaking, But I found this to be the Read more…
Since I released my first public wordpress theme (I have made lots of themes over the years, but have never released any as open-source) I decided I would share the build process for multiloquent theme – just incase anyone wanted to know. the tools I use: 1) eclipse (zend-php-eclipse) 2) Read more…
While probably not the best platform to do web development on, an ipad can be used to create code for your website. I use my ipad mini (in emergencies) to fix code if needs be. there are lots of apps out there, but the ones I choose to help me Read more…
mc for mac osx! GNU Midnight Commander – mc – is an excellent orthodox text mode file manager. mc runs in your console, and has mouse support. It also has support for utf-8. It has a builtin editor (though you can configure your own, so you can use vim if Read more…
I wanted to delete my old time machine backup from my western digital mybook world i didnt need it for anything, as I have a backup of it :D i found two ways to do it. method 1 – ssh. if you have ssh enabled on your mybook world then Read more…
This will show you how to mount a remote directory in finder using sftp. (Mount sftp folder with finder). There is a link at the bottom to a post to mount any remote system you have ssh access to using homebrew. check that out if you like working with the Read more…
This post will show you a few of the cool useful linux and osx commandline tools that I use every day. They are mostly available for osx, but some require fink or brew to install on a mac. # ssh available by default on osx and linux. lets you log Read more…
This will show you how to use ssh with keys for authentication. this has a couple of advantages over using passwords: 1) you can enable key only logins. 2) you dont need to type [or remember] passwords You will need two machines (though you probably know this already): remotehost.com – Read more…
This blog post is quite easy, it shows you how to install rkhunter on a linux machine and how to configure rkhunter to run periodically using a cron job. RKhunter (rootkit hunter) is a program that takes a fingerprint of installed files and directories in your machine during install and Read more…
Yesterday I was securing a server to pass the PCI tests and the Mcaffee tests for a client of our’s. We have a Basic iptables firewall for linux that we use as a template – I didnt manage to get the firewall rules set properly for the client, so I Read more…
This post is old. the information is not kept up-to-date. for the current best-practice, including how to disable sslv2, please see this post This is something that comes up all the time when clients are having PCI compliance scans done on their servers, or when checking your score on ssl Read more…