Latest Posts

  • Docker Security Course

    Docker is an incredibly popular platform to quickly create, deploy and host web applications, databases, and other business-critical solutions. The adoption of Docker continues to grow by companies and organizations, and raises an important question, how should users better secure their Docker containers? The process of securing Docker is multi-faceted and requires a procedural approach […] More

  • Open Source Computer Science Degree

    The OSSU curriculum is a complete education in computer science using online materials. It’s not merely for career training or professional development. It’s for those who want a proper, well-rounded grounding in concepts fundamental to all computing disciplines, and for those who have the discipline, will, and (most importantly!) good habits to obtain this education largely on their own, […] More

  • HackerSploit & Linode: Securing Commonly Web Apps & Databases

    Learn how to secure web applications and databases Join us for our latest Linode LIVE series, Securing Commonly Used Web Apps.  We’ve invited HackerSploit back for this two-part series covering securing your web pages, databases, and server management tools. When deploying web applications and services,  security should be evaluated throughout. A solid understanding of the fundamentals […] More

  • Linode LIVE! HackerSploit: Linux Server Security Series

    Secure Your Personal Linux Servers with HackerSploit Event Website This 12-episode Linux Security series will work as a practical guide for anyone that wants to learn how to effectively secure their servers. At a high level, viewers will learn how to set up, secure, and audit Linux servers. HackerSploit: Linux Security Server Series Part 1 […] More

  • Linux Security Auditing With Lynis

    Installing Lynis Lynis is an extensible security audit tool for computer systems running Linux, FreeBSD, macOS, OpenBSD, Solaris, and other Unix derivatives. It assists system administrators and security professionals with scanning a system and its security defenses, with the final goal being system hardening. Lynis is available as a package for most Linux distributions, we […] More

  • SSH Brute-force Protection With Fail2Ban

    Fail2Ban is an intrusion prevention framework written in Python that protects Linux systems and servers from brute-force attacks. We can set up Fail2Ban to provide brute-force protection for SSH on our server, this will ensure that the server is secure from brute-force attacks and it also allows us to monitor the strength of the brute-force […] More

  • OverTheWire Bandit – Level 0 – 6

    The OverTheWire Bandit wargame is aimed at absolute beginners. It will teach the basics needed to be able to play other wargames. Link: https://overthewire.org/wargames/bandit/ This wargame is focused on Linux essentials and is a great way to learn and practice your Linux skills. Note for beginners This game, like most other games, is organized in […] More

  • Cybertalk – EP8 – Better Bug Bounty Hunting & Reverse Engineering

    Welcome to the Cybertalk podcast! My co-host is Cristi Vlad and together where we will be covering all your questions related to Infosec and Cyber-security. If you want your question answered/featured in the next episode, you can post them in the Google form linked below.   Google form (Post your questions here): YouTube Channel: […] More

  • HackTheBox Devel – Walkthrough

    In this walkthrough, I will be taking you through some intermediate Windows exploitation and privilege escalation. The machine we will be targeting is called Devel, this is an intermediate box that requires a good understanding of enumeration, generating payloads with Msfvenom and Windows privilege escalation. From the machine matrix, we are able to deduce that […] More

  • HackTheBox Legacy – Walkthrough

    In this walkthrough, I will be taking you through the basics of Windows enumeration and exploitation. The machine we will be targeting is called Legacy, this is a fairly easy machine to exploit and is recommended for beginners to pentesting as it offers a quick and simple way to get your hands dirty with tools […] More

  • HackTheBox Lame – Walkthrough

    In this walkthrough, I will be taking you through the basics of Linux enumeration and exploitation. The machine we will be targeting is called Lame, this is a fairly easy machine to exploit and is recommended for beginners to pentesting as it offers a quick and simple way to get your hands dirty with tools […] More

  • How To Convert VDI To VMDK

    This guide is aimed at helping you migrate your virtual machines from VirtualBox to VMware. By default, VirtualBox utilizes the VDI (Virtual Disk Image) format for storage, whereas VMware uses the VMDK format, this can make migrating from one hypervisor to another quite cumbersome as you will have to reinstall/reconfigure your VM’s. However, we can […] More

  • Trending

    Nmap – Scan Timing & Performance

    Nmap – Scan Timing & Performance Nmap allows you to speed up and slow down scans based on the type of environment you are working in or targeting. This is very important as you may be dealing with network/business-critical infrastructure that might not be able to handle heavy/noisy scans, on the other hand, you may […] More

  • Kioptrix 1.1 Walkthrough Boot-To-Root

    About Kioptrix VM Image Challenges: The Kioptrix VM’s offer simple challenges. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player). The purpose of these games is to learn the basic tools and techniques in vulnerability assessment and exploitation. There are more ways […] More

  • How To Convert Linux Packages With Alien

    The problem with Linux packages Software and package distribution on Linux has always been extremely fragmented, primarily because of the multiplicity of package managers like apt, yum, and pacman and app image solutions available to a user. This is because Linux distributions follow their own philosophy and as a result, will end up using a […] More

  • Cybertalk – EP7 – OPSEC & Personal Security Guide

    Welcome to the Cybertalk podcast! My co-host is Cristi Vlad and together where we will be covering all your questions related to Infosec and Cyber-security. If you want your question answered/featured in the next episode, you can post them in the Google form linked below.   Google form (Post your questions here): YouTube Channel: […] More

  • Exploiting Common Linux Security Flaws

    Exploiting Common Linux security flaws In this post, we will be taking a look at some common Linux security flaws, how they are exploited, and how to fix them and secure the server from future exploitation. We will be using all the information and the security policy we created in the previous section as a […] More

  • How To Develop A Security Policy

    Developing a security policy A security policy is extremely important for companies and organizations as it outlines the various security threats that face the company and it’s assets and outlines the strategies to be implemented to mitigate these threats. What is a security policy? A security policy is a set of rules that outlines the […] More

  • SUDO Security Bypass Vulnerability – CVE-2019-14287

      Vulnerability Details: Release date: 14th October 2019 CVE ID: CVE-2019-14287 Affected Versions: Versions prior to <= 1.8.28 https://www.sudo.ws/alerts/minus_1_uid.html   Brief description of the vulnerability The security policy bypass vulnerability that allows users on a Linux system to execute commands as root, while the user permissions in the sudoers file explicitly prevents these commands from […] More

Load More
Congratulations. You've reached the end of the internet.
Back to Top