• Subscribe to the low volume list for updates.

  • Home
  • Security Research

Archives of Security Research

28 Days After Drupal Exploit

Last month a critical Drupal security exploit was released. Critical vulnerabilities in the core of content management systems are not as common as they once were, as can be seen in the amount of media coverage that this one generated. Using a custom Nmap NSE script I surveyed the top 10 thousand sites that are […]
Read More

500K HTTP Headers

Recently we crawled the Top 500K sites (as ranked by Alexa). Following requests from readers we are making available the HTTP Headers for research purposes. Download Headers (75MB) The publication of the statistics of WordPress usage is an example of the research that can be conducted. It is possible to determine Web Applications, Web Servers, […]
Read More

Testing Heartbleed with the Nmap NSE script

Everywhere is buzzing with news of the Heartbleed vulnerability in OpenSSL. If you are living under a rock and have missed it just turn on the mainstream news. Not that you will get much detail there... this is a quick tutorial to show you how to test for the vulnerability using a handy Nmap NSE […]
Read More

Defending WordPress with OSSEC

In a recent post I covered the ways a WordPress site can be attacked. Using the open source OSSEC the majority of those attacks can be detected and even blocked at the system level. Note that using OSSEC requires you to have full control of your server, generally this means either hosting on a dedicated […]
Read More

Install Suricata on Ubuntu in 5 minutes

Building a network based intrusion detection capability can be done in just 5 minutes. Suricata is a tool that has been developed to monitor network traffic and look for security events that can indicate an attack or compromise. Suricata is based around the Snort IDS system, with a number of improvements; it is able to […]
Read More

Attacking WordPress

These techniques can be used to attack and break into WordPress based websites. By providing details on these types of attacks the aim is to raise awareness about the need for hardening and security monitoring of WordPress. Of course any penetration testers wishing to pop a WordPress based site may also find some helpful pointers […]
Read More

WordPress User Enumeration

A common technique to reveal the usernames of a WordPress based site can be undertaken with this simple bash one liner. In many WordPress installations it is possible to enumerate usernames through the author archives, including the admin username (usually ID:1). This is not a new trick and is available in a number of WordPress […]
Read More

Top WordPress sites vulnerable 6 wks after plugin patch released

Background on the Vulnerabilities W3 Total Cache and WP Super Cache two of the WordPress communities most popular plugins were found to have a code execution vulnerability. An exploit that enables code execution is about as bad as it gets. New releases of the plugins were released on the 18th of April. The following caching […]
Read More

SPF Checked – a look at the Sender Policy Framework

Heard of SPF but not sure how to pass an SPF check? Lets get back to basics and have a quick look at the SPF DNS record that can make your email delivery more reliable and less likely to hit the spam folder. An SPF record is a DNS TXT record that contains the IP […]
Read More

Online Firewall Test for Work or Home

Firewall Testing is the only way to accurately confirm whether the firewall is actually working as expected. Complicated firewall rules, poor management interfaces and other factors often make it difficult to determine the status of a firewall. By using an external port scanner it is possible to accurately determine the firewall status. This type of […]
Read More