• Subscribe to the low volume list for updates.

Archives of Security Research

16 Offensive Security Tools for SysAdmins

Security Professionals use Offensive security tools for testing and demonstrating security weaknesses. Systems Administrators and other IT professionals will benefit from having an understanding of the capabilities of these tools. Benefits include preparing systems to defend against these types of attacks and being able to identify the attacks in the case of an incident. This […]
Read More
7 years ago

Enable OSSEC Active Response

Many OSSEC users start with Active response disabled to ensure the OSSEC agent does not affect the server, especially when running in a live production environment. However, once you have an understanding of the number of alerts and types of alerts you are seeing, it is a good idea to enable Active response. Blocking is […]
Read More
7 years ago

Proxy your Phone to Burp

In this guide we configure Burp Suite to proxy all the traffic from your phone, tablet or other wifi device. As a bonus you will also have full access to all the WIFI packets for consumption by Wireshark or your traffic analysis tool of choice.  Use this traffic analysis technique to hunt bug bounties in […]
Read More
8 years ago

Quietly Mapping the Network Attack Surface

When assessing the network security of an organization it is important to understand the breadth of the attack surface. A single forgotten host or web application in the network will often become the initial foothold for an attacker. Passively Mapping the Network Attack Surface Using open source intelligence (OSINT) techniques and tools it is possible […]
Read More
8 years ago

tshark tutorial and filter examples

tshark is a packet capture tool that also has powerful reading and parsing features for pcap analysis. Rather than repeat the information in the extensive man page and on the wireshark.org documentation archive, this tutorial will provide practical examples to get started using tshark and begin carving valuable information from the wire. Tshark examples Use […]
Read More
8 years ago

WordPress Security Testing with Nmap

As with any security testing, make sure you fully understand what the script will do and how it might affect a target system. Only test systems you have permission to scan! NMAP NSE Scripts for WordPress http-wordpress-info.nse Rather than brute forcing paths, this script is much more polite and will only download the main page […]
Read More
9 years ago

28 Days After Drupal Exploit

Last month a critical Drupal security exploit was released. Critical vulnerabilities in the core of content management systems are not as common as they once were, as can be seen in the amount of media coverage that this one generated. Using a custom Nmap NSE script I surveyed the top 10 thousand sites that are […]
Read More
9 years ago

500K HTTP Headers

Recently we crawled the Top 500K sites (as ranked by Alexa). Following requests from readers we are making available the HTTP Headers for research purposes. Download Headers (75MB) The publication of the statistics of WordPress usage is an example of the research that can be conducted. It is possible to determine Web Applications, Web Servers, […]
Read More
9 years ago

Testing Heartbleed with the Nmap NSE script

Everywhere is buzzing with news of the Heartbleed vulnerability in OpenSSL. This is a quick tutorial to show how to test for the vulnerability using a handy Nmap NSE script ssl-heartbleed.nse). First, a working version of Nmap (at least version 6.25), this is not difficult to find or install. So lets jump ahead to running […]
Read More
9 years ago

Defending WordPress with OSSEC

In a previous post, I covered the ways a WordPress site can be attacked. Using the open source OSSEC the majority of those attacks can be detected and even blocked at the system level. OSSEC is a host based Intrusion Detection System (HIDS). It can also be installed as an Intrusion Prevention System (IPS) as […]
Read More
10 years ago