Archive | Tools

Security tools both offensive and defensive in nature.

Install Splunk on Ubuntu in 5 mins

Splunk is a powerful log database that can be used for analysis of any sort of log data through its easy to use search engine. Security logs, Syslog, Web server logs and Windows logs are just the beginning. One of the great features of Splunk is that you can feed pretty much any log into […]

11 Offensive Security Tools for SysAdmins

Offensive security tools are used by security professionals for testing and demonstrating security weaknesses. Systems Administrators and other IT professionals will benefit from having an understanding of at least the capabilities of these tools. Benefits include preparing systems to defend against these types of attacks and being able to identify the attacks in the case […]

10 Essential Open Source Security Tools

There are thousands of open source security tools with both defensive and offensive security capabilities. The following are 10 essential security tools that will help you to secure your systems and networks. These open source security tools have been given the essential rating due to the fact that they are effective, well supported and easy […]

Firewalling Ubuntu with UFW for IPv4 + IPv6

Under Ubuntu you can quickly build an based firewall using the handy built in firewall configuration tool UFW. Network architectures will vary but if you are deploying Internet facing Servers you generally should be configuring a host based firewall. It can provide protection to listening services that don’t need to be Internet accessible, in addition […]

Bro-IDS installation in Ubuntu 12.04

Bro is a well regarded Intrusion Detection System (IDS) that I have always wanted to play with. In this guide I will install and get started with an install of Bro-IDS on Ubuntu. The detection focus of Bro IDS is more network flow rather than signature based and does not get the same attention as […]

Nessus, OpenVAS and Nexpose VS Metasploitable

In this high level comparison of Nessus, Nexpose and OpenVAS I have made no attempt to do a detailed metric based analysis. The primary reason for this is that it would be time consuming and difficult to get a conclusive result. This is due to the large differences in not only detection but also categorization […]

Bing Azure API with a simple Python script under Ubuntu

To use the Bing Azure Marketplace API from the command line in Ubuntu I used Python and the following method. No doubt there are many more ways to skin this cat but this got it working for me. With that I was able to integrate the results into my scans on HackerTarget.com. Background on the […]

Egress Firewall Test

This guide outlines a method to quickly assess the egress traffic filtering of a firewall using the Nmap port scanner. Egress traffic consists of connections that are initiated from within an organisation / system to an external Internet host. Ingress traffic consists of connections that are coming into a system; this is typically web servers, mail servers […]

Webscarab and Ratproxy installation and chaining

In this mini tutorial we are going to use Webscarab and Ratproxy together in a chained fashion. This will enable passive testing of a web application by Ratproxy, with more active intercepting proxy testing to be done by Webscarab. For this reason we will run Ratproxy as the first hop in the proxy chain with […]

Nessus 5 on Ubuntu 12.04 install and mini review

Having yet to play with Nessus 5, today I grabbed a copy and installed it into my Ubuntu 12.04 64 bit system. Take note I am having a quick look at the product, not using it in a commercial manner as part of the work done by HackerTarget.com. This would require a professional feed license […]
