Parse Nmap XML to get SSL Certificate details

Extract SSL certificate details from a range of IP addresses using Nmap XML and a simple python script. The python script parses the Nmap XML output from the ssl-cert.nse script and produces csv output with the target SSL certificate details. When compiling Nmap you will need to have the libssl-dev package installed as Nmap nse […]

Continue Reading

List all IPs in Subnet with Nmap

testsystem:~$ nmap -sL -n 192.168.1.0/30 Starting Nmap 6.25 ( http://nmap.org ) at 2014-05-17 23:33 EST Nmap scan report for 192.168.1.0 Nmap scan report for 192.168.1.1 Nmap scan report for 192.168.1.2 Nmap scan report for 192.168.1.3 Nmap done: 4 IP addresses (0 hosts up) scanned in 0.00 seconds In the second example the results are piped […]

Continue Reading

500K HTTP Headers

Recently we crawled the Top 500K sites (as ranked by Alexa). Following requests from readers we are making available the HTTP Headers for research purposes. Download Headers (75MB) The publication of the statistics of WordPress usage is an example of the research that can be conducted. It is possible to determine Web Applications, Web Servers, […]

Continue Reading

WordPress Statistics for the Top 500K Sites

Results in the charts below are derived from examining the Alexa top 500K sites. WordPress sites were identified through discovery of /wp-content/plugins/ and / or /wp-content/themes/ in the HTML source of the page. 104684 / 500K = 20.9%sites were found to be running WordPress Other studies of WordPress have found total number of WordPress sites […]

Continue Reading

Install OpenVAS 7 on Ubuntu 14.04

Get started with OpenVAS version 7 with this straight forward installation guide. Ubuntu 14.04 is a LTS release meaning it is a good option for any server including an OpenVAS vulnerability scanning server. A nice change in the latest version of OpenVAS is the simplification of the structure. There are now four components that make […]

Continue Reading

Testing Heartbleed with the Nmap NSE script

Everywhere is buzzing with news of the Heartbleed vulnerability in OpenSSL. If you are living under a rock and have missed it just turn on the mainstream news. Not that you will get much detail there… this is a quick tutorial to show you how to test for the vulnerability using a handy Nmap NSE […]

Continue Reading

Remote access granted

In the beginning there were Google Dorks, by entering specific search queries into Google you can still find thousands of unsecured remotely accessible security cameras and printers. Want to print 500 copies of your butt on a random printer on the other side of the world? This was and still is an entirely feasible party […]

Continue Reading

WPScan Install on Ubuntu

WPScan can test a WordPress installation for security vulnerabilities. The tool is a scanner, it allows remote testing of a WordPress installation. Find vulnerable plugins and themes, security configuration issues and attack users by brute forcing passwords. Installation on Ubuntu Linux is easy and you will be up and running in a few minutes – […]

Continue Reading

Defending WordPress with OSSEC

In a recent post I covered the ways a WordPress site can be attacked. Using the open source OSSEC the majority of those attacks can be detected and even blocked at the system level. Note that using OSSEC requires you to have full control of your server, generally this means either hosting on a dedicated […]

Continue Reading

Install Suricata on Ubuntu in 5 minutes

Building a network based intrusion detection capability can be done in just 5 minutes. Suricata is a tool that has been developed to monitor network traffic and look for security events that can indicate an attack or compromise. Suricata is based around the Snort IDS system, with a number of improvements; it is able to […]

Continue Reading