A powerful tool in any security practitioner's toolkit is Wireshark. Having a basic understanding of Wireshark usage and filters can be a time saver when you want to quickly look at some “interesting” data on the wires (or wifis). Hopefully this short Wireshark tutorial and cheatsheet will help you get started. Before we get [...]
psad – Port Scan Detection in Ubuntu Linux
Being quite familiar with nmap and other port scan programs, I hadn’t really played around with many port scan detection programs on the Linux operating system. I recommend and run ossec.net as an excellent host-based intrusion detection program on all my Linux machines; however, this does not have a native port scan detection capability. [...]
OSSEC on NGINX and Ubuntu 10.04 LTS
As mentioned in previous posts, my web server has moved to an Nginx environment. Being a fan of the ossec host-based intrusion detection software (HIDS), of course I had to add it to the new host. Installed as usual. Then it was merely a matter of adding the log files (access.log and error.log) from my [...]
Security Onion LiveCD
Security-based LiveCD distributions are a great way to quickly get your hands on some powerful security tools. Security Onion is no exception: if you are interested in playing with IDS or getting some intrusion detection tools up and running in a hurry, you should definitely take a look at this. What is Security Onion? The [...]
Domain Profiler Launched
OSINT or Open Source Intelligence gathering is a significant first step in any penetration test or organizational vulnerability assessment. It involves gathering information related to the target and pinpointing potential access points or targets of opportunity that would eventually allow full access to the organization’s computing assets. Profiling a target organization can be done in [...]
Google builds lessons for Web Application Security
Google has put some web application security testing training lessons around a vulnerable application that you are allowed to (within the boundaries) attack and test for the purpose of learning about application security threats, testing and how to develop more secure applications. This codelab is built around Gruyere /ɡruːˈjɛər/ – a small, cheesy web application [...]
HackerTarget.com – Online BlindElephant and WhatWeb Scanning
There are literally hundreds of thousands of websites running old web applications that are running vulnerable code just waiting to be hacked. It might start with a quick forum install or content management system that will keep running for years. If there were any bugs in the code, and it is a common application they [...]
BackTrack used by the NSA
As highlighted over on the BackTrack site, it appears the NSA are one of the users of the excellent security testing Linux distribution that is BackTrack. That is almost as cool as Nmap being used in the Matrix. The National Security Agency and the Central Security Service tested the five U.S. service academies during [...]


