• Subscribe to the low volume list for updates.

Blog

Tools

Two factor (2FA) SSH with Google Authenticator

Configuring two factor authentication on SSH is actually quite straightforward. Using Google Authenticator we can get setup and running in about 8 minutes. If we were to use another method such as a hardware based token we would have to wait for delivery of the token (for example YubiKey) - that would take way longer. […]
Read More
5 years ago
Security ResearchToolsTutorial

Tcpdump Examples

Practical tcpdump examples to lift your network troubleshooting and security testing game. Commands and tips to not only use tcpdump but master ways to know your network. Knowing tcpdump is an essential skill that will come in handy for any system administrator, network engineer or security professional.
Read More
5 years ago
Security News

Using Nmap on Windows

Running Nmap on Windows is not as difficult or problematic as it was in the past. Nmap is supported on Windows 7 and higher with performance close to if not quite as good as Linux based operating systems. The majority of users still do use *nix based systems however a good number of people use […]
Read More
5 years ago
Security ResearchToolsTutorial

Wireshark Tutorial and Cheat Sheet

Examples to Understand the Power of Wireshark Wireshark can be useful for many different tasks, whether you are a network engineer, security professional or system administrator. Here are a few example use cases: Troubleshooting Network Connectivity Visually understand packet loss Review TCP retransmission Graph high latency packet responses Examination of Application Layer Sessions (even when […]
Read More
5 years ago
Security ResearchTools

Maltego Transforms

Creating Local Maltego Transforms for our DNS reconnaissance tools has been on my to-do list for a while now. I am happy to say they are now available and it is a sweet way to perform infrastructure mapping from a domain. What is Maltego? Maltego is a cross-platform application for performing link analysis. Discover relationships […]
Read More
6 years ago
Security ResearchTools

Cowrie Honeypot on Ubuntu

What is Cowrie Cowrie is the new fork of the Kippo Honeypot. It has been updated with new features and provides emulation that records the session of an attacker. With this session recording, you get a better understanding of the attackers tools, tactics, and procedures - TTPs. TTPs being a term that is increasingly being […]
Read More
6 years ago
Security News

DataSploit Tutorial

DataSploit Installation Often used with the Kali Linux penetration testing distribution, installing within Kali or Ubuntu Linux is a simple process. Ensure you have git and pip installed. test@ubuntu:~/$ git clone https://github.com/datasploit/datasploit test@ubuntu:~/$ cd datasploit test@ubuntu:~/datasploit/$ pip install -r requirements.txt test@ubuntu:~/datasploit/$ mv config_sample.py config.py test@ubuntu:~/datasploit/$ python datasploit.py -h True usage: datasploit.py [-h] [-i SINGLE_TARGET] [-f […]
Read More
6 years ago
Security ResearchTools

20 Open Source Security Tools for Blue Teams

20 Essential tools for Blue Teams   1. Nmap   2. OpenVAS   3. OSSEC   4. Security Onion   5. Metasploit Framework   6. OpenSSH   7. Wireshark   8. Kali Linux   9. Nikto 10. Yara 11. Arkime (formerly Moloch) 12. ZEEK (formerly Bro-IDS) 13. Snort 14. OSQuery 15. GRR - Google Rapid Response 16. ClamAV 17. Velociraptor 18. ELK Stack | […]
Read More
6 years ago
Tools

OpenVAS 9 install on Ubuntu 16.04

If you are installing OpenVAS into a Ubuntu virtual machine I suggest adding as much CPU as you can as this will speed up your scan times. A suggested minimum is 8GB of RAM and 4 cores. An interesting feature mentioned in the latest release is the development towards building a distributed system for large […]
Read More
6 years ago