• Subscribe to the low volume list for updates.

Archives of Security News

PHP End of Life (a reminder)

As of December 2018 PHP 5 and 7.0 became End of Life. It is now July 2019 and up to 74% of PHP powered sites in the top 1 million are running software that is End of Life. This means there is no support and more importantly if new vulnerabilities are discovered, there will be […]
Read More

Install OpenVAS (GVM) on Kali 2019

In this setup guide, we step through the process of getting OpenVAS (GVM) running on Kali 2019. Installing OpenVAS into a Kali based system is made much easier by the inclusion of a quick setup script. When using Kali Linux for OpenVAS scanning, resource usage should always be taken into account. Whether you are running […]
Read More

Using Nmap on Windows

Running Nmap on Windows is not as difficult or problematic as it was in the past. Nmap is supported on Windows 7 and higher with performance close to if not quite as good as Linux based operating systems. The majority of users still do use *nix based systems however a good number of people use […]
Read More

DataSploit Tutorial

DataSploit Installation Often used with the Kali Linux penetration testing distribution, installing within Kali or Ubuntu Linux is a simple process. Ensure you have git and pip installed. test@ubuntu:~/$ git clone https://github.com/datasploit/datasploit test@ubuntu:~/$ cd datasploit test@ubuntu:~/datasploit/$ pip install -r requirements.txt test@ubuntu:~/datasploit/$ mv config_sample.py config.py test@ubuntu:~/datasploit/$ python datasploit.py -h True usage: datasploit.py [-h] [-i SINGLE_TARGET] [-f […]
Read More

Recon-NG Tutorial

The interactive console provides a number of helpful features, such as command completion and contextual help. This article has been updated October 2019 to reflect the changes in version 5. Recon-ng Installation Often used with the Kali Linux penetration testing distribution, installing within Kali is a simple matter of apt-get update && apt-get install recon-ng. […]
Read More

Testing Heartbleed with the Nmap NSE script

Everywhere is buzzing with news of the Heartbleed vulnerability in OpenSSL. If you are living under a rock and have missed it just turn on the mainstream news. Not that you will get much detail there... this is a quick tutorial to show you how to test for the vulnerability using a handy Nmap NSE […]
Read More

Nessus 5 on Ubuntu 12.04 install and mini review

Having yet to play with Nessus 5, today I grabbed a copy and installed it into my Ubuntu 12.04 64 bit system. Take note I am having a quick look at the product, not using it in a commercial manner as part of the work done by HackerTarget.com. This would require a professional feed license […]
Read More

Security Scan Restrictions and Updates

After performing over a quarter of a million free security scans, HackerTarget.com has decided to remove access to some of the free security scanning options. This will be a disappointment for some users but in the long run it will mean added functionality and improvements to our overall service. The primary reason for the change […]
Read More

Backdoor Corporate Networks with Metasploit

HD Moore announced a new post exploitation tool offering Meterpreter sessions over HTTPS (HTTP) that will traverse the corporate proxy. Variations on this have been available previously but have been for a number of reasons been not so stable. The purpose of this post is to raise awareness. Many IT folks are comfortable with a […]
Read More

Malware in WordPress Themes

Found an interesting article over at OttoPress with some in depth analysis of malware discovered in a theme on a less than reputable WordPress theme site. Seems there are some dodgey sites out there that have infected themes, both free ones and ripped off professional themes. Beware and check the reputation of your themes. It […]
Read More
  • 1
  • 2