A great SECINT (Security Intelligence) paper John Stewart wrote: http://www.cisco.com/web/about/security/intelligence/JNS_TTPs.pdf Basics must be mastered: patching Identity: Strong identity, federated Identity, and identity based networking Eliminate dark space Notice that the basic #1 item is patching. We must be able to cover patching on a timely basis with a regular methodology. Otherwise our systems are … Read more
It would be a good idea to test your system hacking skills on systems that are not production systems. But who has time to create systems with a few vulnerabilities? Well it is vulnhub.com Here is Bwapp which you can download which is actually a vmware instance of a vulnerable application which can be “test” … Read more
From Wikipedia. The problem is, Cybersecurity seems easy to those of us in the Security field (just like the above game) but yet the strategy is hard when we try to explain to an Executive immersed in their regular world. Cyberstrategy is also not so cut and dried. The hackers are attacking old … Read more
Hacking Wifi is useful since we want to test our defenses, to make sure we have a certain level of defense set up. Aircrak-ng is used to crack the Wifi encryption that is available on Kali Linux Operating system (the operating system built for pentesters/ethical hackers) As in this tutorial by WonderHowTo there is a few … Read more
Here is a website link that discusses Hydra trying to crack online passwords at websites: http://insidetrust.blogspot.com/2011/08/using-hydra-to-dictionary-attack-web.html The tool can attack (and iterate) through a set amount of dictionary passwords to ssh and ftp server accounts very easily (without any extra configuration) If there are website forms that have usernames and passwords (like WordPress or Joomla … Read more
