Blog

Leading websites that enable IPv6 now at 2.68%

There is a need for website owners and businesses to enable IPv6 on networks and public-facing Internet services. HackerTarget.com has completed a second survey of the websites in the Alexa Top 1 Million to review the latest progress. The survey tested each host for the presence of an AAAA DNS record. This is […]

Firewalling Ubuntu with UFW for IPv4 + IPv6

Under Ubuntu, you can quickly build an iptables-based firewall using the handy built-in firewall configuration tool UFW (Uncomplicated Firewall). Network architectures will vary, but if you are deploying Internet-facing servers you should generally be configuring a host-based firewall. It can protect listening services that don't need to be Internet accessible. In addition, […]

30 most popular Drupal themes in Top 1M websites

In this list of popular Drupal themes in the Alexa Top 1 Million, I have tallied the number of Drupal themes based on the path of the theme installation. Drupal theme counts were determined by analysing the HTML of the root pages in the top 1 million websites and extracting the default Drupal theme path […]

Bro-IDS Ubuntu 16.04 Install & Tutorial

Bro IDS Installation under Ubuntu 16.04

Grab the required packages using apt.

    apt install cmake make gcc g++ flex bison libpcap-dev libssl-dev python-dev swig zlib1g-dev libgeoip-dev

We have included the libgeoip-dev package as we are going to configure our installation with GeoIP support.

    wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
    wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCityv6-beta/GeoLiteCityv6.dat.gz
    gzip -d GeoLiteCity.dat.gz
    gzip -d GeoLiteCityv6.dat.gz

Move the […]

Nessus, OpenVAS and Nexpose VS Metasploitable

In this high-level comparison of Nessus, Nexpose, and OpenVAS, I have not attempted a detailed metric-based analysis, because it would be time-consuming and difficult to get a conclusive result due to the large differences in detection and the categorization of vulnerabilities by the different solutions. I have chosen to target the 3 […]

Bing Azure API with a simple Python script under Ubuntu

To use the Bing Azure Marketplace API from the command line in Ubuntu, I used Python and the following method. No doubt there are many more ways to skin this cat, but this got it working for me. With that I was able to integrate the results into my scans on HackerTarget.com. Background on the […]

Egress Firewall Test

This guide outlines a method to quickly assess the egress traffic filtering of a firewall using the Nmap port scanner. Egress traffic consists of connections that are initiated from within an organisation or system to an external Internet host. Ingress traffic consists of connections that are coming into a system; this is typically web servers, mail servers […]

Webscarab and Ratproxy installation and chaining

In this mini tutorial we are going to use Webscarab and Ratproxy together in a chained fashion. This will enable passive testing of a web application by Ratproxy, with more active intercepting proxy testing to be done by Webscarab. For this reason we will run Ratproxy as the first hop in the proxy chain with […]

Nessus 5 on Ubuntu 12.04 install and mini review

Having yet to play with Nessus 5, today I grabbed a copy and installed it into my Ubuntu 12.04 64 bit system. Take note I am having a quick look at the product, not using it in a commercial manner as part of the work done by HackerTarget.com. This would require a professional feed license […]

Install Rapid7’s Nexpose community edition

This is a quick overview of how to install Rapid7's vulnerability scanner Nexpose on Ubuntu 12.04. Included is a very light review. There are different versions of the NeXpose engine; we will be using the community edition on 64-bit Linux. The company is more famous for its penetration testing framework Metasploit, so let's […]