
Blog

Snort Tutorial and Practical Examples

Snort is a powerful open source network intrusion detection and prevention system. Use this tutorial to not only get started using Snort but understand its capabilities with a series of practical examples. Snort uses rules to analyze network traffic and discover potential threats or network anomalies. Alerts can be dispatched to an analyst or trigger remediation […]

Recon-NG Tutorial

Article revised and updated Nov 2022. The interactive console provides a number of helpful features such as command completion and contextual help. Recon-ng Installation Installing Recon-ng is very simple and there are a few common ways. Below are a few examples; Kali: At the time of this article version 5.1.2 comes pre-installed with Kali Linux. […]

Gobuster tutorial

Gobuster Installation Written in the Go language, this tool enumerates hidden files along with the remote directories. Using the command line it is simple to install and run on Ubuntu 20.04. For version 2 it's as simple as: $ sudo apt install gobuster The Linux package may not be the latest version of Gobuster. Check […]

Detection of Log4j Vulnerability

On the 9th of December 2021, the world became aware of a critical RCE vulnerability in the Log4j open source package that is buried in the software stacks of many organisations (CVE-2021-44228). Versions of Log4j2 >= 2.0-beta9 and

Extend DetectionLab with Linux Endpoints

DetectionLab is a fantastic project by Chris Long for quickly deploying a Windows Domain-based test environment with Linux-based Security Information Event Management (SIEM). See our DetectionLab Tutorial or check out the project page for more information. In this post, I detail how to easily deploy additional Ubuntu Linux-based servers into the DetectionLab environment. The idea […]

Build a Cyber Security Lab with DetectionLab

DetectionLab and Vagrant DetectionLab by Chris Long makes this initial configuration a piece of cake. It is quite simply amazing; if DetectionLab was thrown into a 1RU box with blinking lights (Lockheed/Boeing/Raytheon) would probably sell this thing as a Cyber Range for 7+ figures. The DetectionLab will run on many operating systems and Hypervisors, but, […]

osquery Linux Tutorial and Tips

Install osquery on Ubuntu Linux Originally developed by Facebook, osquery is a well-supported and documented tool. It has straightforward installation steps for a variety of operating systems and Linux distributions. In this tutorial, we will focus on installation on Ubuntu from the official repository. If you are using Fedora or other Linux distros the initial […]

ClamAV Antivirus for Linux Tutorial

ClamAV Antivirus is an open source malware detection tool. In this tutorial we cover getting started with ClamAV and common use cases. Through various configuration profiles it is able to perform real time filesystem detection, ad hoc file scanning, mail gateway filtering and http proxy scanning. These use cases only scratch the surface of what […]

DNS Tools

DNS Enumeration Searching for DNS records and DNS related information is an important part of reconnaissance for a penetration tester. Obtaining information on DNS servers and DNS records provides the Pen Tester/Red Team/Attacker with a deeper understanding of the organisation's network. With DNS, it is not a 'one tool fits all' situation. You will need […]