Setting up a lab is an easy and cheap endeavor that nets you huge advantages in gaining hands on knowledge. All it takes is a spare machine that has a decent amount of RAM, a NIC, and a sizable hard drive. Below I will outline steps which you can follow to create your own ESXi Lab environment. Continue reading
Standard
Backtrack 5 r3 has been released!
August 13, 2012 by CyberRadCheck it out here!
Note: Be aware that there are many unofficial releases of Backtrack 5r3. Be sure to download Backtrack 5r3 from the official source www.backtrack-linux.org.
Standard
Metasploit: The Penetration Tester’s Guide
June 1, 2012 by CyberRadMetasploit: The Penetration Tester’s Guide is written by Dave (ReL1K) Kennedy, Jim O’Gorman (_Elwood_), Devon Kearns (dookie2000ca), and Mati Aharoni (muts). This book is an essential read for anyone looking to get into the field of Penetration Testing as well as seasoned veterans. There are a ton of examples through out the book that make it more interactive and enjoyable to read. Below I will go over a chapter by chapter analysis. Continue reading →
Standard
Google Hacking
April 15, 2012 by CyberRadGoogle Dorks are advanced search parameters that you can use with Google’s search engine to narrow down a search. Google Hacking is the art of using Google Dorks to find specific information on Google’s databases. For example finding a known vulnerable version of a web application. Continue reading →
Standard
Backtrack 5 r2 has been released!
March 1, 2012 by CyberRadJust in case you missed it Backtrack 5 r2 has been released with a ton of new tools including Reaver, Pyrit, and Pipal. The distribution also includes huge improvements to existing tools including Metasploit, Armitage, BeEF, and SET. The new distribution can be found on the Backtrack website.
Standard
Going Phishing with the Social Engineering Toolkit
January 17, 2012 by CyberRadSocial Engineering Toolkit (SET) is a social engineering pen testing framework created by Dave (ReL1K) Kennedy. SET contains numerous tools to help pen testers test the human element during a security engagement. Continue reading →
Standard
What to do after your *nix web server has been compromised
December 17, 2011 by CyberRadI thought it would be nice to write about what you should do when your *nix server is compromised. The idea came from a conversation that was sparked on the Full Disclosure List. Continue reading →
Standard
Using Rel1K’s Artillery To Protect Your Server
October 26, 2011 by CyberRadIf you are looking for a way to secure your linux server from some of the most common attacks being carried out today against linux servers then look no further then Rel1K’s Artillery program. Artillery is a combination of a honeypot, file monitoring and integrity, alerting, and brute force prevention tool. Continue reading →
Standard
How to perform a SQL Injection Attack
September 26, 2011 by CyberRadSQL Injection (SQLi) is an attack vector that is extremely easy to carry out. Most of the breaches you see today are perpetrated this way yielding huge payloads of data. Understanding this attack will help you defend against this type of attack. Continue reading →
Standard
Cracking the wireless network using aircrack-ng
August 12, 2011 by CyberRadAircrack-ng is a suite of programs that allow for auditing of IEEE 802.11 networks. Below I will go over using the Aircrack-ng suit in Backtrack 5 to capture and crack WEP and WPA. Continue reading →