Skip to content

ls /blog

Linux Security Blog

Search
  • Home
  • Shep Tutorials
    • Set Up Security Shepherd On VMWare
    • Failure To Restrict Access – Solution
    • Insecure DOR – Solution
    • Poor Data Validation – Solution
    • Security Misconfiguration – Solution
    • Insecure Direct Object Reference 2 Solution
    • Cross Site Scripting One Solution
    • SQL Injection Solution
    • OWASP Security Shepherd – Failure To Restrict Access Solution
    • Session Management Challenge One – Solution
  • Linux Courses
    • Hyperledger Fundamentals
    • LFD201 – INTRODUCTION TO OPEN SOURCE DEVELOPMENT, GIT, AND LINUX!
    • KUBERNETES FOR DEVELOPERS (LFD259) COURSE AND CKAD CERTIFICATION
    • OUR SELF PACED COURSE – LFS264 – OPNFV FUNDAMENTALS!
    • THE SELF PACED COURSE – LFS263 – ONAP FUNDAMENTALS
    • Get a FREE Dell Chromebook 11 with qualifying Linux Foundation instructor-led course purchase!
  • GNS3 Series
    • Install GNS3 2.2 on Windows10 | Download Link Included
    • Import VirtualBox Images to GNS3
  • About

Featured

10Oct 201910 Oct 2019
Add a comment

BlueKeep – Exploit Windows (RDP Vulnerability) Remotely

Remote desktop protocol (RDP) is a secure network communications protocol designed for remote management, as well as for remote access…

28Sep 201926 Nov 2019
Add a comment

Create a Backdoor Shell Script in Python

So we’ve delved into Python before, but this post should be a bit more interesting. What we will do today…

13Sep 201811 Oct 2019
1 Comment

Create a Persistent Back Door with Kali, Netcat and Weevely

This post will dive into how we can take advantage of a vulnerability in a web application to gain access…

#Metasploit…

Heartbleed Discovery and Exploit

1 Feb 2020
Heartbleed is a security bug in the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security protocol. It was introduced into the software in 2012…
#career…

Take Your Career to Cloud 9!

13 Jan 202013 Jan 2020
The demand for cloud experts has never been greater as more and more companies move from the traditional server infrastructure to cloud solutions. If you have resolved to learn about…
#career…

Linux Security Fundamentals (LFS216)

9 Jan 2020
Course Overview This course is a comprehensive look at the security challenges that can affect almost every system, especially with the seamless connectivity we seek from the Internet. Many of…
#career…

Configuring Your IAM Securely on AWS

20 Dec 2019
To help secure your AWS resources, follow these recommendations for the AWS Identity and Access Management (IAM) service. Lock Away Your AWS Account Root User Access Keys You use an…
AppSec…

Gaining Root From a Buffer Overflow Vulnerability

9 Dec 201911 Jan 2020
Buffer overflow flaws can be present in both the web server and application server products that serve the static and dynamic portions of a site, or in the web application…
#career…

PenTesting: Gaining Root Privileges on Kioptrix

6 Dec 20196 Dec 2019
Kioptrix is a Capture The Flag style VulnHub VM and the aim of the game is to gain root privileges. We will be using Kali Linux in this post so…
#Metasploit…

Write an IMAP Fuzzing Tool

3 Dec 20193 Dec 2019
Picture this scenario. During a host reconnaissance session we discovered an IMAP Mail server which is known to be vulnerable to a buffer overflow attack (Surgemail 3.8k4-4). We found an…
#career…

Cyber Monday Training And Certification Sale!

3 Dec 20193 Dec 2019
It’s our biggest sale of the year. Save up to 65% on all training and certification! SAVE UP TO 60% ON ALL E-LEARNING AND CERTIFICATION BUNDLES USING COUPON CODE: BUNDLE60 …
AppSec…

First Stack Buffer Overflow to modify Variable

30 Nov 201930 Nov 2019
Stack0: https://exploit.education/protostar/s... Intel Reference: intel.de/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-instruction-set-reference-manual-325383.pdf  
Cyber Security…

How To Fully Anonymize Your IP

20 Nov 201911 Jan 2020
As a security professional, sometimes you will want to anonymize your web traffic so as not to set alarms off. Today we will be looking at TOR and a tool…
#Metasploit…

Gaining Access to Windows10 Through VLC Exploit

14 Nov 201920 Nov 2019
VLC is a free and open source cross-platform multimedia player and framework that plays most multimedia files as well as DVDs, Audio CDs, VCDs, and various streaming protocols. Today we…
#career…

Node.js Certification Sale!

12 Nov 201915 Nov 2019
The OpenJS Foundation, in partnership with NearForm and NodeSource, has created a certification program designed to demonstrate competence within the Node.js framework. OpenJS Node.js Application Developer (JSNAD) is ideal for the…
AppSec…

Import VirtualBox Images to GNS3

1 Nov 20197 Nov 2019
This is the second post of our GNS3 tutorials, today we will look at how to import a VirtualBox image into GNS3. If you haven't installed GNS3 yet or downloaded…
#career…

Install GNS3 2.2 on Windows10 | Download Link Included

31 Oct 20199 Dec 2019
GNS3 is a Graphical Network Simulator that allows emulation of complex networks. GNS3 allows the same type of emulation using Cisco Internetwork Operating Systems. It allows you to run a…
Attacks…

Crack WPA Handshake using Aircrack with Kali Linux

29 Oct 201930 Oct 2019
Today's tutorial will be looking into how you can crack the password of the 4 way handshake of someone that is re-authenticating themselves to a wireless router. The goal is…
#career…

Learn Blockchain and Distributed Ledger Technologies!

15 Oct 2019
For one week only!! The global blockchain market is experiencing exponential growth and the demand for knowledgeable sysadmins and developers is keeping pace. Linux Foundation Training offers certifications in partnership…
AppSec…

XML External Entity (XXE) Vulnerability

14 Oct 201927 Oct 2019
According to OWASP, an XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to…
#career…

Linux Foundation Development

8 Oct 20198 Oct 2019
As most readers will know, learning Linux is an integral part of the software development process. Since most servers around the world run on Linux it is vital for your…
AppSec…

Movies Featuring the Nmap Security Scanner

6 Oct 201930 Oct 2019
The Nmap Security Scanner has appeared in many major motion pictures (as well as more obscure films). This gallery provides screen shots and details for each movie. Source: Movies Featuring…
Attacks…

Reverse Engineering Router Firmware

3 Oct 201911 Oct 2019
Reverse engineering, also called back engineering, is the process by which a man-made object is deconstructed to reveal its designs, architecture, or to extract knowledge from the object; similar to…
Cyber Security…

Send Secret Files in an Image Using Steganography

2 Oct 201914 Dec 2019
Steganography is data hidden within data. It enables us to embed files, messages or links into an image that can't be detected by email filters. So we can send secret…
#Metasploit…

Exploiting Routers With Routersploit

26 Sep 20195 Oct 2019
If you have Wi-Fi at home, then you have a router, this is how you get your internet access. Today we will be looking a piece of software that allows…
Attacks…

Find Vulnerable Devices On The Internet With Shodan

9 Sep 201923 Sep 2019
Welcome back to LSB and thanks for reading. Today we will be looking at how to search for vulnerable devices around the world using Shodan. Shodan is an index of…
#career…

Hacking Android With Metasploit

4 Sep 20197 Sep 2019
Good morning/evening/night my fellow hackers, today's lesson is on Metasploit and how we can hack Android with a Metasploit payload. So let's get started!! As always, this post is for…
#career…

Set up some Honeypots and a Threat Map

2 Sep 201917 Sep 2019
Welcome back my fellow ethical hackers. Remember, the contents in this post is for educational purposes and should only be used for ethical reasons, so with that caveat, let's get…
AppSec…

Securing Your Crypto Wallet

22 Aug 201917 Nov 2019
by Areeb Soo Yasir · Published · 2019-08-22 Why the world misses out on basic user-based security and isolation. When it came time to create my CryptocurrencyOS, based on Linux…
AppSec…

Write a Ping Sweeper in 4 Lines of Bash

21 Aug 201918 Nov 2019
What we will do today is write a script that will ping a certain IP range and tell us which IP's respond to our ICMP requests. In other words we…
#career…

Linux Foundation Go Cloud Native Training Bundle Sale

12 Aug 2019
Cloud native technology has a faster deployment time, improved scalability and cloud portability. This explains why cloud native skills are some of the most in-demand in the industry. To help you…
Cyber Security…

Managing the Linux /tmp Directory Expertly

30 Jul 201910 Dec 2019
Posted July 30, 2019 | by Ken Hess (Red Hat) The /tmp directory is a temporary landing place for files. Users also have write access to this directory, which can…
Cyber Security

Our Linux Sister Linuxsecurity.com are Celebrating their 20th Anniversary by Launching a New Website

23 Jul 201923 Jul 2019
LinuxSecurity.com is the community's central source for information on Linux and open source security. They follow the open source trends as they affect the community. Also they produce content that…
#career…

SysAdmin Day Sales – The Linux Foundation

16 Jul 201916 Jul 2019
To celebrate Sysadmin Day, starting July 16th we’re offering all our IT certification and prep course bundles for only $325 each! We’ll also throw in a bonus course, regularly priced…
#career…

June Deals: 70% Off Linux Foundation Bundles

16 Jun 201916 Jun 2019
For a limited time, get in-depth training in the open source technologies that matter most with one of our career training bundles - only $349 each - for a 70%…
AppSec…

Set Up A Penetration Testing Lab Easily With Vagrant

30 May 201915 Nov 2019
Today we will be looking at a neat little command line tool called Vagrant. This tool allows us to deploy virtual machines seamlessly and we are going to show you…
AppSec…

ProxyChains For Anonymity

29 May 201926 Nov 2019
Introduction Proxychains is an incredibly useful tool that is incredibly poorly documented. In this tutorial, we will cover using proxychains and SSH to connect to a multihomed device (like a…
Cyber Security…

Handy Bash one-liners

22 May 201922 May 2019
Terminal Tricks Using Ctrl keys Ctrl + n : same as Down arrow. Ctrl + p : same as Up arrow. Ctrl + r : begins a backward search through…
AppSec…

Enabling Monitor Mode & Packet Injection on the Raspberry Pi

20 May 201920 May 2019
By Kodyhttps://null-byte.wonderhowto.com/how-to/enable-monitor-mode-packet-injection-raspberry-pi-0189378/The Raspberry Pi Zero W and Pi 3 Model B+ include integrated Wi-Fi, Bluetooth Low Energy, and more than enough power to run Kali Linux. They sound like perfect…
#career…

Understanding How Blockchain Works

18 May 2019
In this blockchain tutorial, I will get blockchain explained from the basics, include the advantages of its technology and how the blockchain will benefit the way the world operates in…
#career…

OWASP A2: Broken Authentication and Session Management Cause and Prevention

12 May 201912 May 2019
Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts Application Specific Exploitability AVERAGE Prevalence WIDESPREAD Detectability AVERAGE Impact SEVERE Application / Business Specific Consider anonymous external attackers, as well…
AppSec…

New Exploits for Insecure SAP Systems

6 May 201918 May 2019
Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this activity alert in response to recently disclosed exploits that target insecure configurations of SAP components. REGISTER TODAY FOR YOUR…
#career…

Best Linux Distros for Ethical Hacking and Penetration Testing

1 May 20191 May 2019
Here is a list of some top Linux distro for ethical hacking and penetration testing that will surely help you to pick one that best fits your need. Kali Linux:…
#career…

Malware Analysis With Valkyrie

22 Apr 201914 Oct 2019
Valkyrie is a malware analysis tool that's free for you for a year to try out. You can visit https://valkyrie.comodo.com to sign up. Once you sign up you will presented…
AppSec…

Adblock Plus filter lists may execute arbitrary code

15 Apr 201915 Apr 2019
A new version of Adblock Plus was released on July 17, 2018. Version 3.2 introduced a new filter option for rewriting requests. A day later AdBlock followed suit and released…

Posts navigation

Older posts

RSS ls -a /Zer0Days

  • [webapps] Cisco Data Center Network Manager 11.2.1 - 'LanFabricImpl' Command Injection 6 Feb 2020
  • [webapps] Cisco Data Center Network Manager 11.2.1 - 'getVmHostData' SQL Injection 6 Feb 2020
  • [webapps] Cisco Data Center Network Manager 11.2 - Remote Code Execution 6 Feb 2020
  • [webapps] Ecommerce Systempay 1.0 - Production KEY Brute Force 6 Feb 2020
  • [webapps] Online Job Portal 1.0 - Cross Site Request Forgery (Add User) 6 Feb 2020

Follow Us

  • Twitter
  • Facebook
  • Tumblr
  • Reddit

RSS Crypto News

  • Bakkt to Acquire Loyalty Program Provider Bridge2 Solutions 6 Feb 2020 Caileam Raleigh
  • Bitcoin Cash (BCH) Gains Momentum, Soars 16% on High Volume 6 Feb 2020 Ankit Singhania
  • Craig Wright Accused of Abusing Attorney-Client Privilege in Trial 6 Feb 2020 Caileam Raleigh
  • ICON (ICX) Rockets Over 325% in 2020: Here Are the Key Drivers 5 Feb 2020 Ankit Singhania
  • Mastercard CEO Reveals Why His Firm Quit Libra Over Several Red Flags 4 Feb 2020 Caileam Raleigh

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 2,236 other followers

ls /categories

#career AppSec Attacks Bugs Cryptography Cyber Security Education Encryption Entertainment Exploits Hacking Linux Open Source Operating Systems Penetration Testing Privacy Security Technology Tips Tutorials

ls /comments

darknetdrugstrade on The Darknet 2019
Security Stack Sheet… on OWASP Security Shepherd- Sessi…
How To Fully Anonymi… on How To Fully Anonymize Your IP
Linux Security Blog… on How To Fully Anonymize Your IP
psychocod3r on How To Fully Anonymize Your IP
QuBits on How To Fully Anonymize Your IP

Linux E-Learning Courses

Hyperledger Fabric Fundamentals (LFD271)

$299 REGISTERS YOU FOR OUR NEWEST SELF PACED COURSE! LFD201 - INTRODUCTION TO OPEN SOURCE DEVELOPMENT, GIT, AND LINUX!

REGISTER TODAY FOR YOUR KUBERNETES FOR DEVELOPERS (LFD259) COURSE AND CKAD CERTIFICATION TODAY! $499!

$199 ENROLLS YOU INTO OUR SELF PACED COURSE - LFS264 - OPNFV FUNDAMENTALS!

ENROLL TODAY IN THE SELF PACED COURSE - LFS263 - ONAP FUNDAMENTALS FOR $199!

$299 WILL ENROLL YOU IN OUR SELF PACED COURSE - LFS205 - ADMINISTERING LINUX ON AZURE!

BUNDLE CLOUD FOUNDRY FOR DEVELOPERS COURSE(LFD232) AND THE CFCD CERTIFICATION FOR $499!

SPEND $199 AND ENROLL IN OUR SELF PACED CONTAINERS FUNDAMENTALS COURSE (LFS253)!

$199 ENROLLS YOU INTO THE CONTAINERS FOR DEVELOPERS AND QUALITY ASSURANCE COURSE (LFS254)!

ENROLL TODAY IN THE DevOps Fundamentals: Implementing Continuous Delivery SELF PACED COURSE! $199

ls -a -v /community

ls /MostVisited

  • Best Darkweb Links
    Best Darkweb Links
  • Payload in PDF
    Payload in PDF
  • D@rk Web L1nk$
    D@rk Web L1nk$
  • Hacking Android With Metasploit
    Hacking Android With Metasploit
  • Build a Beginner Hacking Kit with the Raspberry Pi 3 Model B+
    Build a Beginner Hacking Kit with the Raspberry Pi 3 Model B+
  • Best Linux Distros for Ethical Hacking and Penetration Testing
    Best Linux Distros for Ethical Hacking and Penetration Testing
  • OWASP Security Shepherd - SQL Injection Solution - LSB
    OWASP Security Shepherd - SQL Injection Solution - LSB
  • SMB Exploited
    SMB Exploited
  • BlueKeep - Exploit Windows (RDP Vulnerability) Remotely
    BlueKeep - Exploit Windows (RDP Vulnerability) Remotely
  • The Darknet 2019
    The Darknet 2019

ls /Archives

Follow ls /blog on WordPress.com

We Use Social Media

  • Twitter
  • Reddit
  • Facebook
  • Tumblr
  • Pinterest
  • YouTube
Create a website or blog at WordPress.com
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy
Cancel