Testing Heartbleed with the Nmap NSE script

Everywhere is buzzing with news of the Heartbleed vulnerability in OpenSSL. If you are living under a rock and have missed it just turn on the mainstream news. Not that you will get much detail there… this is a quick tutorial to show you how to test for the vulnerability using a handy Nmap NSE […]

Continue Reading

Remote access granted

In the beginning there were Google Dorks, by entering specific search queries into Google you can still find thousands of unsecured remotely accessible security cameras and printers. Want to print 500 copies of your butt on a random printer on the other side of the world? This was and still is an entirely feasible party […]

Continue Reading

WPScan Install on Ubuntu

WPScan can test a WordPress installation for security vulnerabilities. The tool is a scanner, it allows remote testing of a WordPress installation. Find vulnerable plugins and themes, security configuration issues and attack users by brute forcing passwords. Installation on Ubuntu Linux is easy and you will be up and running in a few minutes – […]

Continue Reading

Defending WordPress with OSSEC

In a recent post I covered the ways a WordPress site can be attacked. Using the open source OSSEC the majority of those attacks can be detected and even blocked at the system level. Note that using OSSEC requires you to have full control of your server, generally this means either hosting on a dedicated […]

Continue Reading

Install Suricata on Ubuntu in 5 minutes

Building a network based intrusion detection capability can be done in just 5 minutes. Suricata is a tool that has been developed to monitor network traffic and look for security events that can indicate an attack or compromise. Suricata is based around the Snort IDS system, with a number of improvements; it is able to […]

Continue Reading

Attacking WordPress

These techniques can be used to attack and break into WordPress based websites. By providing details on these types of attacks the aim is to raise awareness about the need for hardening and security monitoring of WordPress. Of course any penetration testers wishing to pop a WordPress based site may also find some helpful pointers […]

Continue Reading

WordPress User Enumeration

A common technique to reveal the usernames of a WordPress based site can be undertaken with this simple bash one liner. In many WordPress installations it is possible to enumerate usernames through the author archives, (usually ID:1). This is not a new trick and is available in a number of WordPress Security Testing tools. Here […]

Continue Reading

Top WordPress sites vulnerable 6 wks after plugin patch released

In this brief analysis I look at whether plugin security updates are being applied to the most popular WordPress based sites. Everyone knows WordPress is an incredibly popular platform for not only traditional blogs but also increasingly as a full blown content management system (CMS). This popularity combined with a makes it a popular target […]

Continue Reading

ngrep and tcpflow – packet capture on a shoestring

The Ngrep and TCPflow packet capture tools are useful for fast access to packets on the wire. As you will see they make grabbing text out of the network stream a piece of cake. You may have heard of Wireshark (formerly Ethereal), a powerful network packet capture tool that enables a user to grab packets […]

Continue Reading