• Subscribe to the low volume list for updates.

Blog

500K HTTP Headers

Recently we crawled the Top 500K sites (as ranked by Alexa). Following requests from readers we are making available the HTTP Headers for research purposes. Download Headers (75MB) The publication of the statistics of WordPress usage is an example of the research that can be conducted. It is possible to determine Web Applications, Web Servers, […]
Read More

Install OpenVAS 7 on Ubuntu 14.04

Get started with OpenVAS version 7 with this straight forward installation guide. Ubuntu 14.04 is a LTS release meaning it is a good option for any server including an OpenVAS vulnerability scanning server.  Update - jump to latest install OpenVas version 9 on Ubuntu 16.04 released 2017. A nice change in the latest version of […]
Read More

WPScan Install on Ubuntu

WPScan can test a WordPress installation for security vulnerabilities. The tool is a black box scanner, it allows remote testing of a WordPress installation. Find vulnerable plugins and themes, security configuration issues and attack users by brute forcing passwords. Installation on Ubuntu Linux is pretty straight forward and you will be up and running in […]
Read More

Defending WordPress with OSSEC

In a previous post, I covered the ways a WordPress site can be attacked. Using the open source OSSEC the majority of those attacks can be detected and even blocked at the system level. OSSEC is a host based Intrusion Detection System (HIDS). It can also be installed as an Intrusion Prevention System (IPS) as […]
Read More

Attacking & Securing WordPress

Learn the tips and techniques used to attack and break into WordPress based websites. With knowledge of these hacker techniques, you will be better prepared to keep your sites secure. Penetration testers or red teams wishing to exploit WordPress targets will also find helpful pointers in this guide. Enumeration (Recon) 1. WordPress Core Version Enumeration […]
Read More

Online Firewall Test for Work or Home

Firewall Testing is the only way to accurately confirm whether the firewall is working as expected. Complicated firewall rules, poor management interfaces, and other factors often make it difficult to determine the status of a firewall. By using an external port scanner it is possible to accurately determine the firewall status. This type of firewall […]
Read More