• Subscribe to the low volume list for updates.

Blog

Security ResearchTools

Online Firewall Test for Work or Home

Firewall Testing is the only way to accurately confirm whether the firewall is working as expected. Complicated firewall rules, poor management interfaces, and other factors often make it difficult to determine the status of a firewall. By using an external port scanner it is possible to accurately determine the firewall status. This type of firewall […]
Read More
11 years ago
Security Research

There are no WordPress Timthumb Hackers in Mongolia

What is Timthumb? Back in August 2011, a serious vulnerability was discovered in many popular WordPress themes and Plugins. The code enabled automatic thumbnail creation when publishing with the WordPress content management system. While not a part of the WordPress core, the code had been reused by many developers, including both commercial and free theme […]
Read More
11 years ago
Security ResearchTools

Update GeoIP data for Splunk App

If you are using the GeoIP app for Splunk you will find that it has not been updated recently. The last update was June 2011. Following my recent post regarding the installation of Splunk on an Ubuntu based system I started to dig into this app and found that it is a simple matter to […]
Read More
11 years ago
Tools

Install Splunk on Ubuntu in 5 mins

Splunk is a powerful log database that can be used for the analysis of any sort of log data through its easy to use search engine. Security logs, Syslog, Web server logs, and Windows logs are just the beginning. One of the great features of Splunk is that you can feed pretty much any log […]
Read More
11 years ago
Security Research

Leading websites that enable IPv6 now at 2.68%

There is a need for web site owners and business to enable IPv6 on networks and public facing Internet services. HackerTarget.com has completed a second survey of the websites in the Alexa Top 1 Million to review the latest progress. The survey tested each host for the presence of an AAAA DNS record. This is […]
Read More
11 years ago
Security ResearchToolsTutorial

Firewalling Ubuntu with UFW for IPv4 + IPv6

Under Ubuntu, you can quickly build an iptables based firewall using the handy built-in firewall configuration tool UFW - Uncomplicated Firewall. Network architectures will vary, but if you are deploying Internet facing Servers you generally should be configuring a host-based firewall. It can protect listening services that don't need to be Internet accessible. In addition, […]
Read More
11 years ago
Security Research

30 most popular Drupal themes in Top 1M websites

In this list of popular Drupal Themes in the Alexa Top 1 million, I have tallied the number of Drupal themes based on the path of the theme installation. Drupal theme counts were determined by analysing the html of the root pages in the top 1 million websites and extracting the default Drupal theme path […]
Read More
11 years ago
Security ResearchTools

Bro-IDS Ubuntu 16.04 Install & Tutorial

Bro IDS Installation under Ubuntu 16.04 Grab the required packages using apt. apt install cmake make gcc g++ flex bison libpcap-dev libssl-dev python-dev swig zlib1g-dev libgeoip-dev We have included the libgeoip-dev package as we are going to configure our installation with GeoIP support. wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCityv6-beta/GeoLiteCityv6.dat.gz gzip -d GeoLiteCity.dat.gz gzip -d GeoLiteCityv6.dat.gz Move the […]
Read More
11 years ago
Security ResearchTools

Nessus, OpenVAS and Nexpose VS Metasploitable

The following article shows results from a test in which I have chosen to target three different vulnerability scanners in a "black box" test against a Metasploitable version 2 Virtualbox. In such a test the vulnerability scanner run against a target with no prior knowledge or credentialed access to the system. In this high-level comparison […]
Read More
11 years ago
Tools

Bing Azure API with a simple Python script under Ubuntu

To use the Bing Azure Marketplace API from the command line in Ubuntu I used Python and the following method. No doubt there are many more ways to skin this cat but this got it working for me. With that I was able to integrate the results into my scans on HackerTarget.com. Background on the […]
Read More
11 years ago