• Subscribe to the low volume list for updates.

Blog

Cowrie Honeypot on Ubuntu

What is Cowrie Cowrie is the new fork of the Kippo Honeypot. It has been updated with new features and provides emulation that records the session of an attacker. With this session recording, you get a better understanding of the attackers tools, tactics, and procedures - TTPs. TTPs being a term that is increasingly being […]
Read More

DataSploit Tutorial

DataSploit Installation Often used with the Kali Linux penetration testing distribution, installing within Kali or Ubuntu Linux is a simple process. Ensure you have git and pip installed. test@ubuntu:~/$ git clone https://github.com/datasploit/datasploit test@ubuntu:~/$ cd datasploit test@ubuntu:~/datasploit/$ pip install -r requirements.txt test@ubuntu:~/datasploit/$ mv config_sample.py config.py test@ubuntu:~/datasploit/$ python datasploit.py -h True usage: datasploit.py [-h] [-i SINGLE_TARGET] [-f […]
Read More

Recon-NG Tutorial

The interactive console provides a number of helpful features, such as command completion and contextual help. This article has been updated October 2019 to reflect the changes in version 5. Recon-ng Installation Often used with the Kali Linux penetration testing distribution, installing within Kali is a simple matter of apt-get update && apt-get install recon-ng. […]
Read More

20 Open Source Security Tools for Blue Teams

20 Essential tools for Blue Teams   1. Nmap   2. OpenVAS   3. OSSEC   4. Security Onion   5. Metasploit Framework   6. OpenSSH   7. Wireshark   8. Kali Linux   9. Nikto 10. Yara 11. Arkime (formerly Moloch) 12. ZEEK (formerly Bro-IDS) 13. Snort 14. OSQuery 15. GRR - Google Rapid Response 16. ClamAV 17. Velociraptor 18. ELK Stack | […]
Read More

OpenVAS 9 install on Ubuntu 16.04

If you are installing OpenVAS into a Ubuntu virtual machine I suggest adding as much CPU as you can as this will speed up your scan times. A suggested minimum is 8GB of RAM and 4 cores. An interesting feature mentioned in the latest release is the development towards building a distributed system for large […]
Read More

16 Offensive Security Tools for SysAdmins

Security Professionals use Offensive security tools for testing and demonstrating security weaknesses. Systems Administrators and other IT professionals will benefit from having an understanding of the capabilities of these tools. Benefits include preparing systems to defend against these types of attacks and being able to identify the attacks in the case of an incident. This […]
Read More

Enable OSSEC Active Response

Many OSSEC users start with Active response disabled to ensure the OSSEC agent does not affect the server, especially when running in a live production environment. However, once you have an understanding of the number of alerts and types of alerts you are seeing, it is a good idea to enable Active response. Blocking is […]
Read More

Proxy your Phone to Burp

In this guide we configure Burp Suite to proxy all the traffic from your phone, tablet or other wifi device. As a bonus you will also have full access to all the WIFI packets for consumption by Wireshark or your traffic analysis tool of choice.  Use this traffic analysis technique to hunt bug bounties in […]
Read More

Exploring the Hacker Tools of Mr Robot

The debut season of Mr Robot has received a nod from the security focused twitters for its attempts at trying to keep things for the most part realistic. In the episodes so far, we have seen hacker types communicating using IRC, there are Linux boxes as far as the eye can see, and the main […]
Read More