#career… Learn Blockchain and Distributed Ledger Technologies! 15 Oct 2019 For one week only!! The global blockchain market is experiencing exponential growth and the demand for knowledgeable sysadmins and developers is keeping pace. Linux Foundation Training offers certifications in partnership…
AppSec… XML External Entity (XXE) Example 14 Oct 2019 According to OWASP, an XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to…
#Metasploit… BlueKeep – Exploit Windows (RDP Vulnerability) Remotely 10 Oct 201910 Oct 2019 Remote desktop protocol (RDP) is a secure network communications protocol designed for remote management, as well as for remote access to virtual desktops, applications and an RDP terminal server. RDP…
#career… Linux Foundation Development 8 Oct 20198 Oct 2019 As most readers will know, learning Linux is an integral part of the software development process. Since most servers around the world run on Linux it is vital for your…
AppSec… Movies Featuring the Nmap Security Scanner 6 Oct 2019 The Nmap Security Scanner has appeared in many major motion pictures (as well as more obscure films). This gallery provides screen shots and details for each movie. Source: Movies Featuring…
Attacks… Reverse Engineering Router Firmware 3 Oct 201911 Oct 2019 Reverse engineering, also called back engineering, is the process by which a man-made object is deconstructed to reveal its designs, architecture, or to extract knowledge from the object; similar to…
Attacks… Create a Backdoor Shell in Python 28 Sep 201910 Oct 2019 So we've delved into Python before, but this post should be a bit more interesting. What we will do today is write a backdoor in Python and if you manage…
#Metasploit… Exploiting Routers With Routersploit 26 Sep 20195 Oct 2019 If you have Wi-Fi at home, then you have a router, this is how you get your internet access. Today we will be looking a piece of software that allows…
#career… Hacking Android With Metasploit 4 Sep 20197 Sep 2019 Good morning/evening/night my fellow hackers, today's lesson is on Metasploit and how we can hack Android with a Metasploit payload. So let's get started!! As always, this post is for…
#career… Set up some Honeypots and a Threat Map 2 Sep 201917 Sep 2019 Welcome back my fellow ethical hackers. Remember, the contents in this post is for educational purposes and should only be used for ethical reasons, so with that caveat, let's get…
AppSec… Securing Your Crypto Wallet 22 Aug 201922 Aug 2019 by Areeb Soo Yasir · Published · 2019-08-22 Why the world misses out on basic user-based security and isolation. When it came time to create my CryptocurrencyOS, based on Linux…
AppSec… Write a Ping Sweeper in 4 Lines of Bash 21 Aug 201930 Aug 2019 What we will do today is write a script that will ping a certain IP range and tell us which IP's respond to our ICMP requests. In other words we…
#career… Linux Foundation Go Cloud Native Training Bundle Sale 12 Aug 2019 Cloud native technology has a faster deployment time, improved scalability and cloud portability. This explains why cloud native skills are some of the most in-demand in the industry. To help you…
Cyber Security… Managing the Linux /tmp directory like a boss 30 Jul 2019 Posted July 30, 2019 | by Ken Hess (Red Hat) The /tmp directory is a temporary landing place for files. Users also have write access to this directory, which can…
#career… SysAdmin Day Sales – The Linux Foundation 16 Jul 201916 Jul 2019 To celebrate Sysadmin Day, starting July 16th we’re offering all our IT certification and prep course bundles for only $325 each! We’ll also throw in a bonus course, regularly priced…
#career… June Deals: 70% Off Linux Foundation Bundles 16 Jun 201916 Jun 2019 For a limited time, get in-depth training in the open source technologies that matter most with one of our career training bundles - only $349 each - for a 70%…
AppSec… POC – EternalBlue and Doublepulsar in Kali 4 Jun 201914 Jun 2019 This article is educational, using proof of concept in uncontrolled environments or without prior authorization may be illegal On April 14, 2017, the ShadowBrokers team leaked a new hacking toolkit…
AppSec… Set Up Your First Penetration Testing Lab Easily With Vagrant 30 May 201922 Sep 2019 Today we will be looking at a neat little command line tool called Vagrant. This tool allows us to deploy virtual machines seamlessly and we are going to show you…
AppSec… Build a Multi-Protocol Tunneling Tool in Java 29 May 201910 Oct 2019 Welcome back to LSB, hackers and developers alike. Today we show how we built a multi-protocol tunneling tool that allows you create encrypted tunnels to a remote server which then…
AppSec… ProxyChains For Anonymity 29 May 2019 Introduction Proxychains is an incredibly useful tool that is incredibly poorly documented. In this tutorial, we will cover using proxychains and SSH to connect to a multihomed device (like a…
Cyber Security… Handy Bash one-liners 22 May 201922 May 2019 Terminal Tricks Using Ctrl keys Ctrl + n : same as Down arrow. Ctrl + p : same as Up arrow. Ctrl + r : begins a backward search through…
AppSec… Enabling Monitor Mode & Packet Injection on the Raspberry Pi 20 May 201920 May 2019 By Kodyhttps://null-byte.wonderhowto.com/how-to/enable-monitor-mode-packet-injection-raspberry-pi-0189378/The Raspberry Pi Zero W and Pi 3 Model B+ include integrated Wi-Fi, Bluetooth Low Energy, and more than enough power to run Kali Linux. They sound like perfect…
#career… OWASP A2: Broken Authentication and Session Management Cause and Prevention 12 May 201912 May 2019 Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts Application Specific Exploitability AVERAGE Prevalence WIDESPREAD Detectability AVERAGE Impact SEVERE Application / Business Specific Consider anonymous external attackers, as well…
AppSec… New Exploits for Insecure SAP Systems 6 May 201918 May 2019 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this activity alert in response to recently disclosed exploits that target insecure configurations of SAP components. REGISTER TODAY FOR YOUR…
#career… Best Linux Distros for Ethical Hacking and Penetration Testing 1 May 20191 May 2019 Here is a list of some top Linux distro for ethical hacking and penetration testing that will surely help you to pick one that best fits your need. Kali Linux:…
AppSec… Emotet The Banking Trojan 11 Apr 2019 Emotet is a kind of malware originally designed as a banking Trojan aimed at stealing financial data, but it’s evolved to become a major threat to users everywhere. Let’s talk…
#career… Create An SQL Backdoor 7 Apr 20197 Apr 2019 SQL Malware affects a variety of database-driven applications, including but not limited to web applications, services, and desktop applications. This breed of malware is made possible by the SQL functionality for triggers and stored sub-procedures. Notice: SQL malware persists beyond deletion of rows…
#Metasploit… NetBIOS Auxiliary Modules 26 Mar 201927 Mar 2019 Full article: https://www.offensive-security.com/metasploit-unleashed/scanner-netbios-auxiliary-modules/ nbname The nbname auxiliary module scans a range of hosts and determines their hostnames via NetBIOS. msf > use auxiliary/scanner/netbios/nbname msf auxiliary(nbname) > show options Module options (auxiliary/scanner/netbios/nbname): Name…
AppSec… SMB Exploited 14 Mar 20197 Apr 2019 Server Message Block (SMB) is the transport protocol used by Windows machines for a wide variety of purposes such as file sharing, printer sharing, and access to remote Windows services.…
AppSec… Ghidra – First impressions of the NSA Reverse Engineering Tool 13 Mar 201910 Oct 2019 Ghidra is a reverse engineering tool, written in Java, that was recently open-sourced by the National Security Agency (NSA). You can find the Github page here and the download link…
AppSec… Exploiting XXE Vulnerabilities in IIS/.NET 5 Mar 20195 Mar 2019 By Chris Davis XXE (XML External Entity) attacks happen when an XML parser improperly processes input from a user that contains an external entity declaration in the doctype of an…
AppSec… CSRF Code Examples and Defense 3 Mar 20193 Mar 2019 CSRF is an attack that tricks the victim into submitting a malicious request. It inherits the identity and privileges of the victim to perform an undesired function on the victim's…
#career… Exploiting Poor SMB Configuration 1 Mar 20191 Mar 2019 What’s an SMB? SMB, which stands for Server Message Block, is a protocol for sharing files, printers, serial ports and communications abstractions such as named pipes and mail slots between…
Android Security… It’s Time To take back Our Internet 20 Jan 201920 Jan 2019 Tim Berners Lee was recently awarded the Turing Award (The ACM A.M. Turing Award is an annual prize given by the Association for Computing Machinery (ACM) to "an individual selected…
#career… Intro to Git and GitHub for Linux 7 Jan 20197 Jan 2019 The Git distributed revision control system is a sweet step up from Subversion, CVS, Mercurial, and all those others we've tried and made do with. It's great for distributed development,…
Bugs… Cuckoo – Sandboxed Malware Analysis 27 Dec 2018 What is Cuckoo? Cuckoo Sandbox is the leading open source automated malware analysis system.You can throw any suspicious file at it and in a matter of minutes Cuckoo will provide a…
#career… New Year Linux Foundation Deals 23 Dec 20188 Oct 2019 As usual we have amazing new deals on Linux Foundation certificates and courses. Sign on and use your own pace to finish the course. Perfect for a boring January and…
AppSec… Create a Backdoor with Cryptcat 23 Dec 2018 In this tutorial, I'll introduce you to netcat's popular cousin, cryptcat (she's actually much cuter and more exotic than the plain netcat). Cryptcat enables us to communicate between two systems and encrypts…
#career… Pivoting the Network 18 Dec 201815 Mar 2019 What is Pivoting? Pivoting is the unique technique of using an instance (also referred to as a ‘plant’ or ‘foothold’) to be able to move around inside a network. Basically…
