• Subscribe to the low volume list for updates.

Archives of Tools

Security tools both offensive and defensive in nature.

PSAD Tutorial – Port Scan Detection in Ubuntu Linux

Using PSAD to Detect Port Scans in Ubuntu Linux can reveal who is hitting your servers and where they are coming from. In this short tutorial I will show you how to quickly get a port scan monitoring system in place. PSAD has been around since 2001. As is often the case a simple open […]
Read More
13 years ago

Security Onion LiveCD

Security based LiveCD distributions are a great way to quickly get your hands on some powerful security tools. Security Onion is no exception, if you are interested in playing with IDS or getting some intrusion detection tools up and running in a hurry you should definitely take a look at this. What is Security Onion? […]
Read More
13 years ago

Armitage – Cyber Attack Management for Metasploit

Metasploit development continues in leaps and bounds both from within Rapid7 and from the community. This is newly released tool puts the power of the Metasploit Framework into the hands of those who prefer point and clicky interfaces. Why does Armitage exist? "I've met too many security professionals who don't know how to use Metasploit. […]
Read More
13 years ago

Google builds lessons for Web Application Security

Google Gruyere The codelab is organized by types of vulnerabilities. In each section, you'll find a brief description of a vulnerability and a task to find an instance of that vulnerability in Gruyere. Your job is to play the role of a malicious hacker and find and exploit the security bugs. In this codelab, you'll […]
Read More
13 years ago

Metasploit Express Review

Metasploit Express with Ubuntu Announcement: End of life for Metasploit Express Jun 4th 2019 - Read Notice here The purchase of Metasploit by Rapid7 last year and the recent release of Metasploit Express has been big news in the security community. I have finally gotten around to giving it a spin. So what is Metasploit […]
Read More
13 years ago

Metasploit vs Snort as Snorby

Recently I stumbled acorss Snorby, an excellent easy to use implementation of Snort. It is a new web interface for Snort that is very pretty, but also simple. An excellent introduction to Intrusion Detection Systems, that is not going to scare anyone away. Now how to I get hold of this I hear you cry.... […]
Read More
13 years ago

Metasploit 3.4.0 on Ubuntu 10.04 a quick introduction

Perhaps you have heard of metasploit. It is a very powerful exploitation framework developed by HD Moore. Solid growth has seen an early version that was a few exploits in a perl based wrapper turn into a ruby coded framework that is competing with Core Impact and Canvas in the pen-testing community. Here is a […]
Read More
13 years ago

SET Social Engineering Toolkit

This tool, and guide to using the tool, is an example of how easy client based exploitation has become. When it comes down to it, attacking the client is fast becoming the easiest method to perform a targeted attack against an organisation or company. For our readers who are not familiar with Metasploit this maybe […]
Read More
13 years ago

CMS Explorer

When it comes to security vulnerability assessments against content management systems, it becomes necessary to discover which plugins are being used within the system. For the most popular open source systems (wordpress, drupal, joomla) there are literally thousands of plugins available and many have lets admit it not the best record when it comes to […]
Read More
13 years ago

New Web Application Security Tool from Google. Skipfish.

Having done some initial testing this new tool is powerful and comprehensive. It blends a number of other tool features into a neat little package. I did some testing on my local LAN and the web server was getting pounded with thousands of requests per second. Your access and error.log is really going to fill […]
Read More
14 years ago