You may have heard the term OSINT(“Open Source Intelligence”) The basics is that you can use public sources to get information about a target during your recon. There are many tools that are available to perform this task such as Google, Maltego, SHODAN etc, one of the tools that really puts a perspective not only […]
Category: Uncategorised
Hello Everyone, There has been a new security flaw found in the WPA2 stack a security researcher was able to manipulate handshake packets in the 4 way WPA handshake and perform a key re-installation attack. 1.)T he basics of this attack is that an attacker would need to be in close range of your network
In my day to day Job, I have been responsible for mitigating DDoS attacks and making sure that they are detected in a timely manner. The company I work for has an awesome platform to mitigate DDoS attacks which have an alert system and analytics but I came across a public tool that you can
Hey, Everyone, I have been AFK for a bit I had some laser eye surgery done. Or as I like to say patches for my buggy eyes! I am recovering well and I am pretty much back to normal I am still having some blurred vision when looking at my PC but it’s minimal now
When it comes to DDoS attacks there are 2 primary types. A Volumetric attack with the goal of saturating the pipe on the target network. A Trickle attack with the goal of tying up the resources of the target network while generating the least amount of bandwidth. These 2 methods manifest in different ways where volumetric attacks
A SYN attack is an exploit of the TCP/IP stack where by an attacker send SYN packets and suppresses the SYN -ACK packet. This type of attack can be Volumetric where by the attacker send a large amount of data to a link to saturate the link . It can also be a trickle attack
If you are running a UTM or firewall and are not inspecting SSL traffic I am sorry to say your firewall is useless. Why is this? well first of all most traffic now is going over HTTPS even malware sites the fact of the matter is that just like you and I can get an
Hello Everyone Recently I came across this new tool from WordFence this tool is quite awesome it scans your server remotely for vulnerabilities. The tool is located at https://www.gravityscan.com I have run a tool against my own site here is a snapshot of what the results look like. the below is the results of the
By now I am sure you have heard the news, WannaCRY Ransomware Yesterday there was a huge Ransomware outbreak that struck across Europe the Wannacry Ransomware made its rounds the targets were hospitals in the UK the Russian Police and many others Even Microsoft started making patches for older systems like XP !!! when I read that
Well, another year another conference and this one was just as good as last years top vendors in many different security realms. Application security, Data security, writeupCloud, Mobile you name it they were there. Top vendors in many different security realms.Application security, Data security, writeupCloud, Mobile you name it they were there. One of my
Tomorrow I will be at the Data connectors Toronto Tech Security Conference I cant wait to see all the vendors and all the upcoming and new products I will also be in all of the seminars I am particularly excited for the presentation from Sophos See my updates on Facebook and other social media accounts
I will be at the Toronto Tech Security ConferenceRead More »
Cacti is an opensource network monitoring system the runs on a LAMP stack or a WAMP stack in the below video I show you how you can install this system so that you can monitor your network via SNMP and other methods.
Hello Everyone, With malware such as DNS changer and others that infect a machine and re-direct traffic to a different DNS server you can implement simple rules ahead of time to stop the traffic in the first place see my latest video on how to accomplish this In the video, I am using untangle
So you want to run bare metal Virtualization such as ESXI but your hardware is not supported this video will show you an alternative that you can use to get as close to bare metal as possible
You may have heard of the cloud and you may want to start adopting this concept for your network. There are many implementations of the cloud for organizations Public Cloud, Private Cloud, Community cloud, Hybrid cloud. this article will hopefully help you choose which solution is for you First of all, what is the
Iaas vs Paas vs Saas What are they ? who needs them ?Read More »