• Subscribe to the low volume list for updates.

Archives of Tools

Security tools both offensive and defensive in nature.

List all IPs in Subnet with Nmap

-sL  -n Below we have listed the IP addresses in the target subnet -sL with no reverse DNS lookups -n testsystem:~$ nmap -sL -n 192.168.1.0/30 Starting Nmap 6.25 ( http://nmap.org ) at 2014-05-17 23:33 EST Nmap scan report for 192.168.1.0 Nmap scan report for 192.168.1.1 Nmap scan report for 192.168.1.2 Nmap scan report for 192.168.1.3 […]
Read More
9 years ago

Install OpenVAS 7 on Ubuntu 14.04

Get started with OpenVAS version 7 with this straight forward installation guide. Ubuntu 14.04 is a LTS release meaning it is a good option for any server including an OpenVAS vulnerability scanning server.  Update - jump to latest install OpenVas version 9 on Ubuntu 16.04 released 2017. A nice change in the latest version of […]
Read More
9 years ago

Testing Heartbleed with the Nmap NSE script

Everywhere is buzzing with news of the Heartbleed vulnerability in OpenSSL. This is a quick tutorial to show how to test for the vulnerability using a handy Nmap NSE script ssl-heartbleed.nse). First, a working version of Nmap (at least version 6.25), this is not difficult to find or install. So lets jump ahead to running […]
Read More
9 years ago

WPScan Install on Ubuntu

WPScan can test a WordPress installation for security vulnerabilities. The tool is a black box scanner, it allows remote testing of a WordPress installation. Find vulnerable plugins and themes, security configuration issues and attack users by brute forcing passwords. Installation on Ubuntu Linux is pretty straight forward and you will be up and running in […]
Read More
10 years ago

Defending WordPress with OSSEC

In a previous post, I covered the ways a WordPress site can be attacked. Using the open source OSSEC the majority of those attacks can be detected and even blocked at the system level. OSSEC is a host based Intrusion Detection System (HIDS). It can also be installed as an Intrusion Prevention System (IPS) as […]
Read More
10 years ago

Attacking & Securing WordPress

Learn the tips and techniques used to attack and break into WordPress based websites. With knowledge of these hacker techniques, you will be better prepared to keep your sites secure. Penetration testers or red teams wishing to exploit WordPress targets will also find helpful pointers in this guide. Enumeration (Recon) 1. WordPress Core Version Enumeration […]
Read More
10 years ago

Online Firewall Test for Work or Home

Firewall Testing is the only way to accurately confirm whether the firewall is working as expected. Complicated firewall rules, poor management interfaces, and other factors often make it difficult to determine the status of a firewall. By using an external port scanner it is possible to accurately determine the firewall status. This type of firewall […]
Read More
11 years ago

Update GeoIP data for Splunk App

If you are using the GeoIP app for Splunk you will find that it has not been updated recently. The last update was June 2011. Following my recent post regarding the installation of Splunk on an Ubuntu based system I started to dig into this app and found that it is a simple matter to […]
Read More
11 years ago

Install Splunk on Ubuntu in 5 mins

Splunk is a powerful log database that can be used for the analysis of any sort of log data through its easy to use search engine. Security logs, Syslog, Web server logs, and Windows logs are just the beginning. One of the great features of Splunk is that you can feed pretty much any log […]
Read More
11 years ago