ENISA published a very practical guide about establishing a computer security incident response team (CSIRT) or security operations centre (SOC). Source: https://www.enisa.europa.eu/publications/how-to-set-up-csirt-and-soc
For some critical machines on which it is unusual for users to log in through SSH or to execute su to become superuser, we can use the PAM module configuration to receive some kind of alert whenever a user logs into that machine or escalates privileges to root. Two options here: /etc/pam.d/su: to receive alerts every time a user becomes…
I don’t know what you were doing or even if you had been born yet, but on September 22nd 2004 at 4:44 PM I was having fun decrypting an ELF binary going through the awesome NGSEC1 CTF !! #quiz.ngsec.com There was a binary file encrypted with the BurnEye Encryption Engine that had to be decrypted in order…
Quick video showing a successful Denial of Service attack against a website running WordPress. To be protected against this cyberattack, do not forget to restrict access to the /xmlrpc.php resource to your own IP address only (126.96.36.199 in the example below). For Apache, edit the /.htaccess file to add:
It is very easy to resolve any domain in Microsoft Windows natively using the nslookup command: by default our system will query our predefined DNS server. If we want to query a specific DNS server, we can specify it as a second argument. In this case we ask for the IP address of the domain…
http://getgreenshot.org/ Greenshot: Screenshots for reports in Windows https://mobaxterm.mobatek.net/ MobaXterm: All-in-one terminal for Windows https://www.tracewrangler.com/ TraceWrangler: Easy sanitization and anonymization of PCAP and PCAPng files https://github.com/novnc/noVNC noVNC: VNC client using HTML5 (Web Sockets, Canvas) with encryption (wss://) support https://github.com/paradoxxxzero/butterfly butterfly: A web terminal based on websocket and tornado https://github.com/cure53/XSSChallengeWiki https://mosh.org/ Mosh: Mosh (mobile shell) https://ngrok.com/ Ngrok:…
Faradaysec is a penetration testing IDE. How to run Faraday < 2.7 To run the server: Check: To run the client: How to run Faraday v3.0 First run server: Second, run client: Check: How to access the UI: http://127.0.0.1:5985/_ui/ For more info go to https://github.com/infobyte/faraday/wiki and https://faradaysec.com/ Next section, to customize your shell: ZSH
Useful frameworks to beautify your zsh shell: https://ohmyz.sh/ https://github.com/robbyrussell/oh-my-zsh Manual installation of oh-my-zsh: >> ZSH_THEME="random" Cool themes: mortalscumbag To know more about how to use the zsh shell and oh-my-zsh integrated within Faradaysec.
My name is Jacobo Avariento. I got a Master’s Degree in Computer Science and specialized in cybersecurity in 2001. I have more than 15 years in the cybersecurity industry as a consultant and penetration tester working for top tier banks, the European Central Bank, and pharmaceutical, automotive and gaming companies.
I hold Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP) and Certified Blockchain Security Professional (CBSP) certifications.