• Subscribe to the low volume list for updates.

Archives of Security Research

Brief History of Internet Wide Scanning

In the beginning there were Google Dorks; as far back as 2002 security researches discovered that specific Google queries could reveal Internet connected devices. Seventeen years later it is still possible to find thousands of unsecured remotely accessible security cameras and printers via simple Google searches. Now using search engines such as Shodan.io and Censys.io […]
Read More

Analysis of Top 100K WordPress Sites

CMS Detection Methodology The methodology used to determine the underlying technology of web sites is to search for specific strings within the HTML or the HTTP Headers provided by the web server. For WordPress our process is a simple matter of downloading the headers and page source from all sites in the Alexa top 1 […]
Read More

Maltego Transforms

Creating Local Maltego Transforms for our DNS reconnaissance tools has been on my to do list for a while now. I am happy to say they are now available and it is a sweet way to perform infrastructure mapping from a domain. What is Maltego? Maltego is a cross platform application, for performing link analysis. […]
Read More

Cowrie Honeypot on Ubuntu

Cowrie is the new fork of the Kippo Honeypot. It has been updated with new features and provides emulation that records the session of an attacker. With this session recording you are able to get a better understanding of the attackers tools, tactics and procedures (TTPs). A term that is increasing being used in Cyber […]
Read More

15 Essential Open Source Security Tools

There are thousands of open source security tools with both defensive and offensive security capabilities. The following are 10 15* essential security tools that will help you to secure your systems and networks. These open source security tools have been given the essential rating due to the fact that they are effective, well supported and […]
Read More

16 Offensive Security Tools for SysAdmins

Offensive security tools are used by security professionals for testing and demonstrating security weakness. Systems Administrators and other IT professionals will benefit from having an understanding of at least the capabilities of these tools. Benefits include preparing systems to defend against these types of attacks and being able to identify the attacks in the case […]
Read More

Enable OSSEC Active Response

Many OSSEC users start off running with Active response disabled to ensure that the OSSEC agent does not affect the server especially when running in a live production environment. Once you have an understanding of the number of alerts and types of alerts you are seeing, it is a good idea to enable Active response. […]
Read More

Proxy your Phone to Burp

In this guide we configure Burp Suite to proxy all the traffic from your phone, tablet or other wifi device. As a bonus you will also have full access to all the WIFI packets for consumption by Wireshark or your traffic analysis tool of choice.  Use this traffic analysis technique to hunt bug bounties in […]
Read More

Quietly Mapping the Network Attack Surface

When assessing the network security of an organization it is important to understand the breadth of the attack surface. A single forgotten host or web application in the network will often become the initial foothold for an attacker. Passively Mapping the Network Attack Surface Using open source intelligence (OSINT) techniques and tools it is possible […]
Read More

WordPress Security Testing with Nmap

With the popularity of WordPress as a publishing platform, security testing is an important part of ensuring the installation is secure. Nmap has a couple of NSE scripts specifically for the testing of WordPress installations. Using those scripts as a base I have developed a couple more that expand the capabilities of using Nmap to […]
Read More