Atom the hackable text editor

| 0 comments

Today I ran across a text editor over on GitHub called Atom that is just absolutely amazing in my book. It is also worth pointing out that there are a number of cross platform release such a Debian, Windows, Mac and more. I would suggest that if Atom sounds like something that you may be interested in then you should spend some time reading over the documentation. First Run Once you have installed Atom and you open it for the first time you are presented a dialog that both introduces Atom and what you can do with Atom. The latter …

Continue reading

Creating a proxy chain in Linux

| 0 comments

There obviously are time that you may want to make use of a proxy server in order to provide yourself a level of anonymity that you may otherwise no have. Proxies also provide benefits in terms of restricted content that may be filtered with your region or country. Think of it this way, if YouTube is blocked in the Middle East then a proxy may help you to overcome that block. Now to be clear a proxy server also helps to increase performance by storing a copy of frequently used webpages. When a browser requests a webpage stored in the …

Continue reading

Using the web application attack and audit framework known as w3af to test your security

| 0 comments

w3af is a Web Application Attack and Audit Framework is an amazing tool that is written in Python and has the capability to find more than 200 defined vulnerabilities. Not only does it look for the usual suspects such as SQL injection, it also handles crawling, bruteforce, authentication, and so much more. There are a number of vulnerability scanners both commercial and open source, but it all comes down to what you prefer. I tend to lean toward the open source community because of transparency, community involvement, and the fact there is zero cost. Unfortunately web applications pose one of …

Continue reading

Create a custom wordlist using SmeegeScrape for use in forensics or pentesting

| 0 comments

If you working either in forensics or penetration testing you will absolutely come across the need to create a custom word list. You may be thinking to yourself a custom word list is not needed because you have a number of lists that you have created or gathered over the years. I will not argue that have a bag of lists is not needed because I have my own collection as well. I submit to you that if you have a specific target then understanding said target will be useful when it comes to password cracking. For example, if your …

Continue reading

Find and correct WordPress vulnerabilities using WPScan

| 0 comments

If you run a WordPress based website then you should sit up, pull out your notepad, and carefully consider the idea of running WPScan on your site in order to if you have any security vulnerabilities that may require your attention. This is not to say that WordPress is vulnerable per say, but the fact is all software contains some level of vulnerabilities and the more you know, the more you will understand and be able to better protect your site. You may be surprised to learn that CVE has 177 documented vulnerabilities over the years concerning WordPress. If you …

Continue reading