tiny Web Url Scanner

For a new project I needed a tool that could scan a web server for the HTTP status code of different URLs and list the results in an easily parseable format. The URLs are typical Linux resources (e.g. the password file, the hostname, the services file, …) that could disclose sensitive system information.

There are already a number of tools that can achieve this, but none really provided the output that I needed.

Catch all web script

It can sometimes be useful to have a script that captures all HTTP requests and logs them to a file. The PHP script below works for me. I use this script in combination with an .htaccess file to catch all web page requests and redirect them to one file.

The .htaccess file:

The apache config for the virtual host is straightforward.

What is inside the Adobe hacked database file?

Adobe recently suffered a break-in where intruders were able to get hold of Adobe users’ data, containing email addresses, encrypted passwords, password hints, etc.

This break-in was acknowledged by Adobe (note that the acknowledgement page from Adobe does not have a date or timestamp, at least not on Nov-17, it only mentions ‘recently’).

The posting on the Sophos blog by Paul Ducklin provides a very interesting overview of the cryptographic blunders made by Adobe.

CT Scan

I had a CT scan of my head. I don’t know what exactly there is to see on the different images (the whole sequence is about 250 images) but they do look pretty amazing …

The images were available to me via a web interface on the Picture Archive and Communication Systems (PACS) platform of the hospital. The web server (JBossWeb/2.0.1.GA) was hosted on a Belgacom IP that, according to the whois database, belongs to ‘Tyco Thermal

Harvesting Facebook, Twitter and other web service accounts

This post demonstrates how relatively easy it is to set up a system that harvests user credentials (username and password) for different web services (Facebook, Twitter, Yahoo).

For this exercise we’ll use two machines:

An end-user laptop or desktop with a browser.
Kali Linux with a number of pentesting tools. The Kali Linux machine needs at least one network interface with an internet connection.

The exercise scenario involves three major steps:

Have

Theming WordPress excerpts and archives

I run this blog on WordPress. One of the major advantages of WordPress is its support for customizable web themes. These themes contain the graphical markup (CSS, images) and the PHP code that shapes the data that is displayed.

I’ve adapted some of the default functions so that the display of archives and blog excerpts behaves differently from the default provided by WordPress.

WordPress archives are accessible via the wp_get_archives function. This function has a number

Password attacks against http web forms

Web applications have become important assets in a company’s infrastructure. If you need to do a penetration test, it is essential that you have a basic understanding of how to analyse and test these web applications.

Many, if not all, require some form of authentication. Sometimes this happens via Basic Authentication, where the user needs to enter credentials in a popup in the web browser. More often, though, the authentication happens via

Top 20 Free Digital Forensic Investigation Tools for SysAdmins

A list of 20 different digital forensic investigation tools. The list is taken from http://www.gfi.com/blog/top-20-free-digital-forensic-investigation-tools-for-sysadmins/.

Added this post as a reminder-to-self.

SANS SIFT
ProDiscover Basic
Volatility
The Sleuth Kit (+Autopsy)
FTK Imager
Linux ‘dd’
CAINE
Oxygen Forensic Suite 2013 Standard
Free Hex Editor Neo
Bulk Extractor
DEFT
Xplico
LastActivityView
Digital Forensic Framework
Mandiant RedLine
PlainSight
HxD
HELIX3 Free
NetSleuth
P2 eXplorer Free

Remote shell via SSH for remote pentesting

SSH is a powerful remote access tool. It has an often overlooked feature, -R (from the man page): “Specifies that the given port on the remote (server) host is to be forwarded to the given host and port on the local side.”

In essence this means that you can have a remote host A connect to a host B that is controlled by you. Then from that host B you can connect through host

NetTraveler, cyber-espionage campaign

Kaspersky recently released a paper on a cyber-espionage campaign that used NetTraveler, a malicious program used for covert computer surveillance.

The document is an interesting read. Below is a summary of some of the attack vectors used with this malware. You can use this information to detect the presence of the NetTraveler malware in your environment.

NetTraveler uses a couple of C&C scripts.

Two of the C&C domains, pkspring.net and yangdex.org, are sinkholed by