Setting up a lab is an easy and cheap endeavor that nets you huge advantages in gaining hands on knowledge. All it takes is a spare machine that has a decent amount of RAM, a NIC, and a sizable hard drive. Below I will outline steps which you can follow to create your own ESXi Lab environment. Read More
Google Dorks are advanced search parameters that you can use with Google’s search engine to narrow down a search. Google Hacking is the art of using Google Dorks to find specific information on Google’s databases. For example finding a known vulnerable version of a web application. Read More »
Just in case you missed it Backtrack 5 r2 has been released with a ton of new tools including Reaver, Pyrit, and Pipal. The distribution also includes huge improvements to existing tools including Metasploit, Armitage, BeEF, and SET. The new distribution can be found on the Backtrack website.
Social Engineering Toolkit (SET) is a social engineering pen testing framework created by Dave (ReL1K) Kennedy. SET contains numerous tools to help pen testers test the human element during a security engagement. Read More »
I thought it would be nice to write about what you should do when your *nix server is compromised. The idea came from a conversation that was sparked on the Full Disclosure List. Read More »
If you are looking for a way to secure your linux server from some of the most common attacks being carried out today against linux servers then look no further then Rel1K’s Artillery program. Artillery is a combination of a honeypot, file monitoring and integrity, alerting, and brute force prevention tool. Read More »
SQL Injection (SQLi) is an attack vector that is extremely easy to carry out. Most of the breaches you see today are perpetrated this way yielding huge payloads of data. Understanding this attack will help you defend against this type of attack. Read More »
Weblabyrinth is a dynamic maze of web pages written in PHP. The main goal of Weblabyrinth is to delay and occupy malicious web scanners to give incident handlers time to investigate and respond to threats. Weblabyrinth is designed to show a 404 error to legitimate web crawlers based on the crawlers user-agent. Here is how you install and configure Weblabyrinth. Read More »