The Office: Doomsday Device Writeup

Disclaimer: This post demonstrates hacking techniques and could be considered dangerous. I’m doing this for my own personal research using freely available tools and information, and testing against a vulnerable machine specifically designed for security assessments that has been installed in my own personal lab isolated from the public Internet. Please do not use these techniques against any computer system that you either do not own or do not have permission to work on. [Read More]

Automating Server Deployments in AWS with Terraform

Previously I discussed deploying Enterprise Linux in AWS which I demonstrated by using the AWS console. This is a common way to deploy servers to the cloud, however doing server deployments manually can create a situation where you’re stuck with static images that are difficult to replicate when your infrastructure grows. One of the benefits of Cloud Computing is that the infrastructure is programmable, meaning we can write code that can automate tasks for us. [Read More]

Deploying Enterprise Linux in AWS

In a previous post I discussed installing Enterprise Linux in VMWare, this time I wanted to write about deploying a server to the cloud. Cloud Computing platforms like Amazon’s AWS allow you to build and run all kinds of Infrastructure and services on-demand without having to purchase and maintain expensive physical computing hardware. You can deploy a server in minutes and have the capability to scale your workload as much as you need. [Read More]

EternalBlue

Disclaimer: This post demonstrates hacking techniques and could be considered dangerous. I’m doing this for my own personal research using freely available tools and information, and testing against a vulnerable machine specifically designed for security assessments that has been installed in my own personal lab isolated from the public Internet. Please do not use these techniques against any computer system that you either do not own or do not have permission to work on. [Read More]

Rickdiculously Easy Writeup

Disclaimer: This post demonstrates hacking techniques and could be considered dangerous. I’m doing this for my own personal research using freely available tools and information, and testing against a vulnerable machine specifically designed for security assessments that has been installed in my own personal lab isolated from the public Internet. Please do not use these techniques against any computer system that you either do not own or do not have permission to work on. [Read More]

WebDeveloper 1 Writeup

Disclaimer: This post demonstrates hacking techniques and could be considered dangerous. I’m doing this for my own personal research using freely available tools and information, and testing against a vulnerable machine specifically designed for security assessments that has been installed in my own personal lab isolated from the public Internet. Please do not use these techniques against any computer system that you either do not own or do not have permission to work on. [Read More]

Kioptrix Writeup

Disclaimer: This post demonstrates hacking techniques and could be considered dangerous. I’m doing this for my own personal research using freely available tools and information, and testing against a vulnerable machine specifically designed for security assessments that has been installed in my own personal lab isolated from the public Internet. Please do not use these techniques against any computer system that you either do not own or do not have permission to work on. [Read More]

Vulnerability Scanning with Nessus

Tenable Nessus is an industry standard vulnerability scanner that can be installed for free for basic network scanning. I’ve also had the opportunity to deploy Nessus agents across a fleet of hundreds of Linux servers and run extensive scans from Tenable cloud. In this article I’ll describe setting up Nessus in Linux to scan remote hosts. Having knowledge of the vulnerabilities present in your environment is critical in defending against Cyber attack. [Read More]

Setting up a Cyber Security Lab

This post is a brief outline on setting up a home lab for Ethical Hacking, Penetration Testing and Cyber Security research. I’ll use the steps in this article as a base for future articles on more in-depth techniques. There’s already plenty of existing articles and tutorials about this kind of stuff and everyone has their own personal preferences, but this is my take and how I like to work. A personal lab is also going to reflect what you’re working on at the time, and not all lab environments will be the same. [Read More]

OpenLDAP on Enterprise Linux

This post will demonstrate setting up an OpenLDAP Server for user authentication on Enterprise Linux. OpenLDAP is an implementation of the Lightweight Directory Access Protocol and is often used for user identity and authorisation services in corporate environments. I’ve previously demonstrated setting up an Enterprise Linux virtual machine, so if you haven’t already done so please setup a Linux system to work with, ideally to test authentication across multiple servers you’ll also have a second Linux server to work with as well. [Read More]
LDAP  Linux  RHEL