NMAP Open Service Scan – Open resolver test

From the CERT.be website: Open DNS resolvers are frequently being abused to conduct efficient DDoS attacks towards websites, infrastructure and services.

You can detect open resolvers on your network with a vulnerability information management tool (for example Qualys), via the Open Resolver Project or manually with an nmap command.

Keeping track of the different output files becomes more difficult if you have to do this often. I wrote a script that imports the nmap

STeBB – Web pen testing

STeBB (Security Testing Browser Bundle) is an all-in-one web security toolkit for web application security testers. Built over Mozilla Firefox, this Linux-based open source browser bundle comes with a vast array of awesome tools that help you secure your web application. STeBB runs in Debian-based Linux distributions and can be used to thoroughly security test web applications, especially for the OWASP Top 10 risks. Basically it’s a web pen

tiny Web Url Scanner

For a new project I needed a tool that could scan a web server for the HTTP status code of different URLs and have the results listed in an easily parseable result. The URLs are typical Linux resources (e.g. the password file, the hostname, services file, …) that could lead to disclosing sensitive system information.

There are already a number of tools that can achieve this but none really provided the output that I needed.

Theming WordPress excerpts and archives

I run this blog on WordPress. One of the major advantages of WordPress is its support for customizable web themes. These themes contain the graphical markup (CSS, images) and PHP code to mangle the data that is displayed.

I’ve adapted some of the default functions to have the display of archives and blog excerpts behave differently to the default provided by WordPress.

WordPress archives are accessible via the wp_get_archives function. This function has a number

Password attacks against http web forms

Web applications have become important assets in a company infrastructure. If you need to do a penetration test then it is essential that you have a basic understanding of how to analyse and test these web applications.

Many, if not all, require some form of authentication. Sometimes this happens via Basic Authentication where the user needs to enter credentials in some form of popup in the web browser. More often though the authentication happens via

Remote shell via SSH for remote pentesting

SSH is a powerful remote access tool. It has an often overlooked feature, -R: (from the man pages) Specifies that the given port on the remote (server) host is to be forwarded to the given host and port on the local side.

In essence this means that you can have a remote host A connecting to a host B that is controlled by you. Then from that host B you can connect through host

Update ddclient

An older script that I use on OpenBSD to update ddclient hostnames. The script should run with minor modifications on Linux.

If you are unable to get your public IP from a local interface then you can use dyndns.org.

Upgrading Redmine 1.3 to 2.2

The documentation of Redmine describes the upgrade process. I upgraded from Redmine 1.3.1 to Redmine 2.2.2. On an older Ubuntu (10.04.4 LTS) the upgrade steps described in the documentation were not sufficient.

Extract the latest Redmine file in your web root. I use a symlink pointing redmine to the latest version. This allows you to keep different versions and provides an easy way to switch between versions. You then have to copy the different configuration

Graph the first 8 bits of the IP of apache logs

Below is a PHP script that will graph the first 8 bits of the visitors' source IP in your Apache logs. The bigger the circle, the more visitors you had. You’ll need gd support in PHP. The minimal width of the circle is set to 3, the maximum width is 85. You can run the script with

The first parameter is the log file. The second parameter is either 20x, 40x or 50x. This graphs

Mapping my neighbourhood SSIDs

A recent post by @xme revealed a tool that allows for passive mapping of SSIDs. I gave it a go for 48 hours and below are the results.

bbox2-1888: 2126
bbox2-4344: 1580
dlink: 84
Veronique 123: 31
bbox2-0530: 28
telenet-4F11F: 28
ZapFi: 14
FON_BELGACOM: 12
linford1986: 4
Wifi 45: 4
ZapFi-Gusto: 4
coffee House: 3
homewlan: 3
queenshotel: 3
WifiCharles: 3
Axip-Home: 2
Axip-NW: 2
bbox2-22b5: 2
SKY24721: 2
WLAN_38: 2
bbox2-c230: 1
BENCHIJIGUA: 1