Information Security is a fast changing field. The techniques of the attackers are constantly changing so it is necessary study attack methods and to adapt when necessary.
Security Operations and Security Event Analysis effectiveness can be greatly improved through visualizing security event data. While some people take great pleasure in looking at long lists of statistics from firewalls, intrusion detection systems and other security related logs most find it not only boring but also ineffective.
Visualizing the data can help an analyst spot patterns and trends that may otherwise be missed. It also makes your reports look pretty. 🙂
|Mapping Web Attacks with Splunk||Quickly map web application attacks such as the WordPress Timthumb using Splunk and Geolocation plugins.|
|SSH Blacklist Visualization||Using SSH black list data in this visual we plot the location of the different blacklisted IP's based on an IP geo-location lookup and then plotted onto a google mapped visualisation.|
|Tor Exit Node Visualization||Tor is a network of relays that are able to provide anonymity to its users. It is used by people all around the world; often by those who are living under oppressive regimes. An exit node is where the action is, this is where the traffic comes out of the encrypted tunnels and really hits the internet. This visualisation shows a break down of those exit nodes.|
Tutorials and Guides
Introductory tutorials and guides for building, installing and using Open Source security solutions on your own systems.
|Nmap Tutorial||A basic tutorial for installing Nmap and understanding the scanning process.|
|OpenVAS Tutorial||An introduction to OpenVAS with advanced tips for ongoing management of this vulnerability scanning solution.|
|SQLmap Tutorial||With SQLmap you can go from initial discovery of SQL Injection to complete database and server compromise. This tutorial will get you started.|
|Nikto Tutorial||Install Nikto and scan web servers with this simple tutorial.|
|XSS Tutorial||An introductory tutorial to cross site scripting (XSS). Understand the basics of how XSS works, to understand the risk.|
|Port Scanner Guide||Knowing how a Port Scanner benefits your security testing, is an essential step in building secure systems.|
|Tshark Tutorial||Tshark is the under appreciated little brother of Wireshark. It is a powerful command line packet analyser.|
|Firewall Ubuntu with UFW||Configure an IP Tables Firewall on Ubuntu with UFW in this tutorial.|
Passive Website Analysis
Looking at the technology behind the most highly trafficked websites in world (top one million sites) provides insight into Internet trends; including Internet Security, where our particular interests lie.
Over 12 months ago, we did an analysis of the Top 1 Million websites that included details of the web servers, hosting companies, web applications and locations of the sites. We are working on expanding this research into new area's and building a new set of data for 2017.
Identification of web technologies through analysis of the HTTP headers and HTML source is an effective reconnaissance method for those wishing to quietly assess and an organisations perimeter systems.
|100K Top Websites powered by WordPress||In this post we look at the top 100'000 wordpress sites; digging a bit deeper to pull out the Hosting Provider, Theme Name and Web Server the sites are running on. Download the full list of sites in .csv format to perform your own analysis or perhaps to see where you are sitting in the list.|
|WordPress WooThemes Framework Updates||WooThemes is one of the most successful theme development shops on the planet. In this analysis we look at how well webmasters apply security updates to the WooThemes Framework. Theme updates are just as important as WordPress Core and Plugin updates when maintaining a WordPress installation.|
|WordPress Theme Usage||WordPress is now hitting over the 16% mark in the top 1 million websites. This analysis breaks down the most popular commercial and free themes.|
|HTTP Headers for Security||With a number of different http headers available for protecting the end user, we performed some analysis to find out how prevalent the configuration of these headers is in the top websites.|
|IPv6 Infographic||During March we conducted analysis that involved looking for the presence of IPv6 AAAA records for the sites in the Top 1 Million. Through this analysis we found only 1.1% of all sites have made the move towards the new IP addressing technology.|
|WordPress Infographic||WordPress is the worlds most popular content management system. With around 15% of the top websites, this Infographic explores the hosting, security updates and operating systems of those sites.|
|Hosting Report 2011||During March 2011 we examined the hosting providers of the top 1 million sites, top 100000 sites and the top companies.|
|CMS Survey Summary||Content management systems (CMS) run many of the worlds websites both at the high end in the top 100'000 sites in the world and right down to personal blogs. This study has a look at the breakdown of the different systems.|
|Web Server Survey Summary||This analysis shows a breakdown of the web servers used by the most popular sites in the world.|