Authoring effective Linux shell scripts

| 0 comments

The act of authoring shell scripts can provide a great deal of effectiveness when working within the Linux operating system no matter what the task may be. If you have experience with Linux, you know that there what seems to be an number of scripts available out of the box. This can clearly cause confusion in the area of name collisions in the event you were not aware a script with a name exists with the name of the custom script that you are creating. one thing you can do is run the which command and this will return a …

Continue reading

They Live at DEFCON22

| 0 comments

Every year in August thousands upon thousands of people flock to Las Vegas, NV for the anual DEFCON conference. This is my second year attending and I knew once I attended DEFCON21 that I was forever hooked. I cannot begin to describe what the experience is like, because the experience is what you make of it. Last year, I had fun, but I did sit back and try to determine what I should and should not do. At the end of DEFCON21, I knew that I was going to jump head first into DEFCON22 and that is exactly what I …

Continue reading

Rip DEFCON videos from YouTube

| 0 comments

Have you never attended DEFCON and want to watch hours upon hours of conference talks? You could always go the the DEFCON YouTube playlist and click your way around the hundreds of videos or you could download the videos. You could go search for a addon or extension for your favorite browser or search the myriad of software options. Downloading videos from YouTube can be simple, complex, free, or costly depending upon your experience, time, and resources. Years ago, I purchased a MacBook Pro and I also started learning more about Linux distributions such as Kali and Ubuntu. Moving away …

Continue reading

Homebrew and not the beer kind

| 0 comments

Recently I had a need to install wget and Python on OS X Mavericks and anyone running a Mac can understand the pain point with installers outside of the Apple App Store. Before anyone starts asking the question why not use curl? That is like asking why not use Microsoft Windows? Now I am not bashing Windows because I use thisĀ  operating system depending upon my needs and task at hand. As a side note, it is possible to use Xcode and curl to compile and install wget, but why work harder rather than smarter? If you wish to take …

Continue reading

What can we learn from the 2013 Adobe database breach

| 0 comments

Early October 2013, Adobe announced that they fell victim to a cyberattack and their database was breached to the degree that 2.9 million customers are impacted in one way or another. From my point of view it is great that Adobe regrets the incident and apologizes for the inconvenience, but I believe that we as consumers should and must demand so much more than a simple “we are sorry”. In the event this breach is new to you, then I urge you to visit Troy Hunt’s new site ‘;–have i been pwned? Troy has done an exceptional job at bringing …

Continue reading

Fingerprinting a web server with httprecon

| 0 comments

Web applications unfortunately are vulnerable and for this reason they are often the gateway for attacks. An attacker is going to perform reconnaissance to understand where a weakness may reside. Of course understand what web server platform is running is critical to understand what type attack may or may not be successful. In other word, knowing the application server one can then begin investigation into what vulnerabilities may exist. There are a variety of tools and mechanisms you may employ to fingerprint your target. One such tool is httprecon and the user interface is very simple and provides a wealth …

Continue reading