To install OpenVAS 9 on Ubuntu 16.04 we will use the third party binary package method. While we could build from source the packages allow us to get OpenVAS up and running quickly and with minimal fuss. If you are installing OpenVAS into an Ubuntu virtual machine I suggest adding as much CPU as you […]
Enable OSSEC Active Response
Many OSSEC users start of running with active response disabled to ensure that the OSSEC agent does not affect the server especially when running in a live production environment. Once you have an understanding of the number of alerts and types of alerts you are seeing, it is a good idea to enable active response. […]
Proxy your Phone to Burp
In this guide we configure Burp Suite to proxy all the traffic from your phone, tablet or other wifi device. As a bonus you will also have full access to all the WIFI packets for consumption by Wireshark or your traffic analysis tool of choice. Use this traffic analysis technique to hunt bug bounties in […]
Exploring the Hacker Tools of Mr Robot
The debut season of Mr Robot has received a nod from the security focused twitters for its attempts at trying to keep things for the most part realistic. In the episodes so far we have seen hacker types communicating , there are as far as the eye can see and the main character . Of […]
Quietly Mapping the Network Attack Surface
When assessing the network security of an organization it is important to understand the breadth of the attack surface. A single forgotten host or web application in the network will often become the initial foothold for an attacker. Passively Mapping the Network Attack Surface Using open source intelligence (OSINT) techniques and tools it is possible […]
tshark tutorial and filter examples
tshark is a packet capture tool that also has powerful reading and parsing features for pcap analysis. Rather than repeat the information in the extensive man page and on the wireshark.org documentation archive, I will focus on providing practical examples for how you can get started using tshark and begin carving valuable information from the […]
WordPress Security Testing with Nmap
With the popularity of WordPress as a publishing platform, security testing is an important part of ensuring the installation is secure. Nmap has a couple of NSE scripts specifically for the testing of WordPress installations. Using those scripts as a base I have developed a couple more that expand the capabilities of using Nmap to […]
28 Days After Drupal Exploit
Last month a critical Drupal security exploit was released. Critical vulnerabilities in the core of content management systems are not as common as they once were, as can be seen in the amount of media coverage that this one generated. Using a custom Nmap NSE script I surveyed the top 10 thousand sites that are […]
7 Nmap NSE Scripts for Recon
As with any security testing, make sure you fully understand what the script will do and how it might affect a target system. Only test systems you have permission to scan! Information Gathering 1. DNS Brute Force Find sub-domains with this script. Detecting sub-domains associated with an organizations domain can reveal new targets when performing […]
Parse Nmap XML to get SSL Certificate details
Extract SSL certificate details from a range of IP addresses using Nmap XML and a simple python script. The python script parses the Nmap XML output from the ssl-cert.nse script and produces csv output with the target SSL certificate details. When compiling Nmap you will need to have the libssl-dev package installed as Nmap nse […]