So I had an issue today with my main lab server I have multiple subnets in my lab some that can reach the Internet some are strictly internal I have an Ubuntu server that I want to connect to 2 subnets one is connected to my fast Gigabit network while the other is connected to […]
Hello Everyone If you have followed my YouTube channel for a while you may have seen my video on the GLASTOPF webapplication honeypot by https://github.com/mushorg/snare https://avatars3.githubusercontent.com/u/2742625?s=200&v=4 Web application honeypots allow you to host a page that is functioning while being able to see all the traffic and activies that occour on that page. This information
Check out the SNARE web application Honey-pot (successor to Glastopf)Read More »
Hey Guys If you are installing the kippo honey pot and you are having issues with logging to mysqlmake sure you are using the proper version of twisted Twisted 8.0 to 15.1.0 as the versions compatibile if you have the latest version you will not be able to log to the DB and may have
quick note on installing KIPPO Honeypots and logging to a SQL DBRead More »
Hey Everyone I have started also posting my Youtube videos on Vimeo I will continue posting my videos on Youtube as well check out my Vimeo home @ www.vimeo.com/seanmancini
Hack this site was one of the first places I used my knowledge of hacking and webapplication languages and not end up in jail 🙂 I went through most of these tracks a long while ago but thought I would make video walkthroughs of each mission if you are new to hacking or security and
I posted some time ago about the benefits of using Cloudflare See my video below if you are not familiar with Cloudflare which is a cloud CDN/WAF Cloudflare provides a proxy between the internet and your website all traffic is intended to through the Cloudflare network where it is then filtered via the rules
Enhancing your websites protection while using CloudflareRead More »
Hello Everyone! First off the happy new year! I hope everyone’s holiday was filled with fun and family I posted earlier this month about the importance of entropy and generating truly random numbers for things like PGP keys and encryption keys I have created a small website which aims to help with this problem.
New tool Launched ( Random hash/number generator)Read More »
If you have been hearing the news lately there has been a lot of media attention about Bitcoin. What is bitcoin ?, Bitcoin is a cryptocurrency that is digital and has no central body governing it which also means there are no middlemen such as banks or other financial institutions. Whatever your reasons for
PGP or (“Pretty Good Privacy”) is an encryption technology that was created by Phil Zimmermann PGP can be used to encrypt anything from files to emails. Recently some email providers have adopted the technology as a privacy feature. PGP works on all operating systems and functions similarly to PKI the user makes their Public
Hello Everyone, I have finally got around to updating the learning resources section of my site I will be adding some links to Book, Courses, Webinars etc that I come across and that I have taken read or intend to. It’s pretty amazing the amount of free content that you can get online from things
You may have seen in some applications that have an encryption option such as Kepass or Veracrypt where you can create a “keyfile” but what is a keyfile ? what is its purpose?. A keyfile is a file with an encryption key that is random generated either by entering random text and numbers or moving a mouse around the key
First off lets talk about what entropy is and why we need it, Entropy is used for a randomization factor when generating a hash the more random the entropy is the more random the key is which makes the key more unique and avoids duplicate keys. Also when the keys are somewhat the same its
What is the issue with entropy in virtual environments ?Read More »
I have covered the importance of MFA(Multi Factor Authentication) aka 2 factor security with more and more vendors such as Gmail Outlook and others now supporting MFA there is no reason not to have it enabled. MFA is the answer to a lot of security issues when it comes to authentication. One of the common complaints
When thinking about traditional security we think about protecting traditional assets like Laptops and Servers but we have gone way passed that now. The attack surface of our networks has grown to way passed our corporate HQ with telecommuters and mobile devices its hard to keep up but now there lurks another attack vector social
There is a new security mechanism coming to DNS which is called DNS over TLS the current DNS infrastructure uses UDP traffic that is sent in clear text which means it can be read by anyone who is sniffing traffic Also for some it provides that extra privacy The current DNS implementations use UDP port 53