AppSec… Emotet The Banking Trojan 11 Apr 201924 Jul 2020 Emotet is a kind of malware originally designed as a banking Trojan aimed at stealing financial data, but it’s evolved to become a major threat to users everywhere. Let’s talk…
#career… Create An SQL Backdoor 7 Apr 20197 Apr 2019 SQL Malware affects a variety of database-driven applications, including but not limited to web applications, services, and desktop applications. This breed of malware is made possible by the SQL functionality for triggers and stored sub-procedures. Notice: SQL malware persists beyond deletion of rows…
#Metasploit… NetBIOS Auxiliary Modules 26 Mar 201924 Jul 2020 Full article: https://www.offensive-security.com/metasploit-unleashed/scanner-netbios-auxiliary-modules/ nbname The nbname auxiliary module scans a range of hosts and determines their hostnames via NetBIOS. msf > use auxiliary/scanner/netbios/nbname msf auxiliary(nbname) > show options Module options (auxiliary/scanner/netbios/nbname): Name…
AppSec… SMB Exploited 14 Mar 201924 Jul 2020 Server Message Block (SMB) is the transport protocol used by Windows machines for a wide variety of purposes such as file sharing, printer sharing, and access to remote Windows services.…
AppSec… Ghidra – First impressions of the NSA Reverse Engineering Tool 13 Mar 201924 Jul 2020 Ghidra is a reverse engineering tool, written in Java, that was recently open-sourced by the National Security Agency (NSA). You can find the Github page here and the download link…
AppSec… Exploiting XXE Vulnerabilities 5 Mar 201924 Jul 2020 By Chris Davis XXE (XML External Entity) attacks happen when an XML parser improperly processes input from a user that contains an external entity declaration in the doctype of an…
AppSec… CSRF Code Examples and Defense 3 Mar 201924 Jul 2020 CSRF is an attack that tricks the victim into submitting a malicious request. It inherits the identity and privileges of the victim to perform an undesired function on the victim's…
#career… Intro to Git and GitHub for Linux 7 Jan 20197 Jan 2019 The Git distributed revision control system is a sweet step up from Subversion, CVS, Mercurial, and all those others we've tried and made do with. It's great for distributed development,…
#career… We Have Linux Foundation Deals for you 23 Dec 201814 May 2020 As usual we have amazing new deals on Linux Foundation certificates and courses. Sign on and use your own pace to finish the course. Prometheus is the latast deal!! Updated…
AppSec… Create a Backdoor with Cryptcat 23 Dec 2018 In this tutorial, I'll introduce you to netcat's popular cousin, cryptcat (she's actually much cuter and more exotic than the plain netcat). Cryptcat enables us to communicate between two systems and encrypts…
Cyber Security… Veil – AV Evasion – Set Up and Tutorial 17 Dec 2018 Veil-Evasion is a tool designed to generate metasploit payloads that bypass common anti-virus solutions. NOTE: ./setup/setup.sh should be re-run on every major version update. If you receive any major errors on running…
Cyber Security… Router Hardening Checklist 9 Dec 20189 Dec 2018 Network infrastructure devices (routers, switches, load balancers, firewalls etc) are among the assets of an enterprise that play an important role in security and thus need to be protected and…
#career… Cyber Monday Sale Starts NOW!(FOR A WEEK!!) 26 Nov 201830 Nov 2018 Yikes, yes, we are rolling out Cyber Monday deals for a week. This will hopefully make up for the lack of Black Friday deals, but maybe Black Friday has died.…
AppSec… SQL Injection Attacks 20 Nov 2018 A customer asked that we check out his intranet site, which was used by the company's employees and customers. This was part of a larger security review, and though we'd…
Cyber Security… Snort Open Source IDS 14 Nov 201828 Nov 2019 Snort is an open source Intrusion Detection System that you can use on your Linux systems. This tutorial will go over basic configuration of Snort IDS and teach you how…
AppSec… IPtables – the Linux Firewall 13 Nov 201813 Nov 2018 KORBIN BROWN FEBRUARY 6, 2014, 12:34PM EDT Iptables is an extremely flexible firewall utility built for Linux operating systems. Whether you’re a novice Linux geek or a system administrator, there’s…
#Metasploit… Payload in PDF 12 Nov 2018 Infected PDFs have always been a privileged way to infect users because this document format is very common and used by almost everyone. Moreover, it exists many ways to exploit Acrobat Reader…
#career… Now Is The Time, Linux is the Direction 11 Nov 201824 Jan 2019 Your future matters to us @ LSB, so get into Linux and see the new world it will open for you. Created by QuBits 2018-11-11
Android… Best Ad Blocker Apps For Android 11 Nov 201811 Nov 2018 By Khaled Shariar - LAST UPDATED: August 10, 2018 Want to get rid of annoying ads? Check out the following ad blocker for android to stop seeing ads on Android.…
#career… Linux Foundation Deals For LSB Followers 25 Oct 2018 We are delighted to be able to team up with The Linux Foundation to bring you some great deals on amazing Linux courses and materials. All courses, on completion is…
AppSec… OWASP Security Shepherd- Session Management Challenge One – Solution – LSB 12 Oct 201812 Oct 2018 We have another solution in the OWASP Security Shepherd challenges and we enjoyed completing this one. You can find out about Session Management from OWASP here. So let's get on…
AppSec… Penetration Testing – Complete Guide 10 Oct 201810 Dec 2018 What is Penetration Testing? It’s the process to identify security vulnerabilities in an application by evaluating the system or network with various malicious techniques. The weak points of a system…
Attacks… The Evil Twin Attack 8 Oct 201829 Oct 2019 I searched through many guides, and none of them really gave good description of how to do this. There’s a lot of software out there (such as SEToolkit, which can…
AppSec… OWASP Security Shepherd – Failure To Restrict Access Solution – LSB 27 Sep 201827 May 2019 Am I Vulnerable To 'Failure to Restrict URL Access'? The best way to find out if an application has failed to properly restrict URL access is to verify every page. Consider for…
AppSec… OWASP Security Shepherd – Insecure Cryptographic Storage Challenge 1 Solution – LSB 21 Sep 2018 Thanks for visiting and today we have another OWASP Security Shepherd Solution for you. This time it's the Insecure Cryptographic Storage Challenge. Cryptography is usually the safest way to communicate…
AppSec… OWASP Security Shepherd – SQL Injection Solution – LSB 15 Sep 201819 Sep 2019 A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data…
AppSec… Create a Persistent Back Door with Kali, Netcat and Weevely 13 Sep 201815 Aug 2020 This post will dive into how we can take advantage of a vulnerability in a web application to gain access and upload a backdoor that we can connect to in…
AppSec… OWASP Security Shepherd – Cross Site Scripting One Solution – LSB 12 Sep 201812 Sep 2018 Welcome back to LSB my budding hackers. Today's lesson is about Cross Site Scripting (Or XSS). Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected…
AppSec… OWASP Security Shepherd – Insecure Direct Object Reference Solution – LSB 10 Sep 2018 Welcome back to the Security Shepherd solutions from LSB. This was quite an interesting puzzle and it took a few tries to get the key. Insecure Direct Object Reference (called IDOR from here) occurs when…
AppSec… OWASP Security Shepherd – Failure To Restrict Access Solution – LSB 7 Sep 20187 Sep 2018 What is Failure to Restrict URL Access Vulnerability/Threat? Failure to restrict URL access occurs in applications hide functionality from non-privileged users. In an application that fails to restrict URL access, administration…
AppSec… AV evading with Veil 29 Aug 201822 Nov 2019 One of the most important issues any hacker must address is how to get past security devices and remain undetected. These can include antivirus software, intrusion detection systems, firewalls, web…
AppSec… W3af walkthrough and tutorial 9 Aug 20189 Aug 2018 w3af (Web Application audit and attack framework) is a framework for auditing and exploitation of web applications. In this series of articles we will be looking at almost all the…
#career… National SysAdmin Appreciation Day! 25 Jul 2018 Reward yourself with discounted training & certifications! 2 courses and 1 certification in each bundle: $325 each! We'll even give you a free T-shirt with every purchase! We are an independent…
AppSec… The Best Hacking Books 2018 25 Jul 201825 Jul 2018 BY HACKING TUTORIALS ON FEBRUARY 2, 2018 One of the most popular and most asked questions since I’ve started this blog is if I can recommend some good hacking books to read…
#career… Linux Foundation Courses/Certificates on Offer For Under 500 Bucks | LSB 21 Jun 2018 Introduction to Open Source Development, Git and Linux Learn how to develop open source software. This course focuses on open source software, an introduction to Linux systems and the use…
AppSec… Python Scripting For The Ethical Hacker 21 Jun 20188 Sep 2019 Welcome back, my greenhorn hackers!I began this series on scripting awhile back to teach all aspiring hackers how to write some basic scripts for hacking and reconnaissance. Without developing some basic scripting skills,…
Cyber Security… Kubernetes for Developers (LFD259) 17 Jun 201827 Jun 2018 Get advanced knowledge of application development using Kubernetes with training from The Linux Foundation! Kubernetes is a high-velocity open source orchestration tool to deploy, scale, and update containerized applications. This course…
Cloud Security… 10% Off Linux Programming & Development Training 27 May 2018 Promotion Details 10% Off any Linux Programming & Development Training courses Promo code: MEMORIAL10 Starts: May 28th at 12:00 AM Ends: May 28th at 11:59 PM Linux Memorial Day Sale…
AppSec… Stealing Signal Conversations from a MacBook 27 May 2018 Developed by Open Whisper Systems, Signal is a free, open-source encrypted communications app for both mobile and desktop devices that allows users to make voice calls, send instant messages, and even make…
AppSec… Setting Up A Snort IDS on Debian Linux 24 May 2018 Malicious network traffic (such as worms, hacking attempts, etc.) has certain patterns to it. You could monitor your network traffic with a sniffer and look for this malicious traffic manually…
AppSec… Password cracking with John the Ripper 24 May 201810 Feb 2019 Introduction For those of you who haven't yet heard about John the Ripper (hereby called John for brevity), it is a free password cracking tool written mostly in C. Before…
Cyber Security… Build a Beginner Hacking Kit with the Raspberry Pi 3 Model B+ 23 Apr 20186 Feb 2020 The Raspberry Pi is a perfect way to start. In 2018, the Raspberry Pi 3 Model B+ was released featuring a better CPU, Wi-Fi, Bluetooth, and Ethernet built in. Our recommended Kali Pi kit…
Linux Security Blog 
You must be logged in to post a comment.