t-Pot: Honeypot Platform

Hi, in a previous post we created and configured the Cowrie SSH honeypot: a simple, easy and quick way to gather information and malicious IPs, uncover C2 servers, and collect downloaded files, executables and scripts associated with cryptominers, reverse shells, DDoS attacks and much more. However, SSH is just one of the many services that attackers might… Continue reading t-Pot: Honeypot Platform

Cowrie: SSH Honeypot

Hi, if you are reading this you probably already know what a honeypot is, so I will skip the intro and get straight to the interesting part. However, if you don’t know what a honeypot is, you can read this great post by Imperva. I will walk you through a fairly easy setup and by… Continue reading Cowrie: SSH Honeypot

#1

Uncovered my 1st cryptominer! A few days back I received a firewall alert regarding a log4j exploitation attempt, targeting a web server. Since every security vendor under the sun has released an update, the request was blocked and the attack was unsuccessful. The reported -source- IP was not flagged as malicious or reported in any of… Continue reading #1

Brute It

Task 1 : About this box Deploy the machine Task 2 : Reconnaissance Question 1 : Search for open ports using nmap. How many ports are open? We will use Nmap to perform a quick scan on the machine. I also performed a full port scan (-p-) but no other ports were open so you can… Continue reading Brute It

Rant : Hotel

A few days ago I had to book a hotel room for a couple of nights, decided to go directly to the business rather than booking the room through a platform to help them avoid the commissions, little did I know that I was in for a surprise. After calling them to finalize the transaction I was presented with… Continue reading Rant : Hotel

Planning and Scoping : Engagements

Intro Scope The first step in penetration testing (if executed legally) is determining what should be tested – aka the scope of the assessment. Defining scope is arguably one of the most important components of a penetration test, yet it is also one of the most overlooked. Determining the scope requires a solid and clear understanding… Continue reading Planning and Scoping : Engagements

Common Vulnerability Scoring System – CVSS

Intro The Common Vulnerability Scoring System (CVSS) provides a numerical representation (scale 0-10) of the severity of an information security vulnerability. It also provides an open framework for communicating the characteristics and severity of software vulnerabilities. CVSS consists of three metric groups: Base, Temporal, and Environmental. The Base group represents the intrinsic qualities of a… Continue reading Common Vulnerability Scoring System – CVSS

Cybersecurity Goals

Intro The primary goal of cybersecurity is to ensure the privacy of information, the correctness of data, and access to authorized users. Although protecting sensitive information from unauthorized disclosure is one element of cybersecurity, it’s not the only one. This brings us to focus on the 3 crucial aspects of security which are confidentiality, integrity, and… Continue reading Cybersecurity Goals

LFI

Local File Inclusion (LFI) is a vulnerability mostly found in web servers. It is exploited when user input contains a path to a file that might be present on the server, and that file is then included in the output. This kind of vulnerability can be used to read files containing sensitive… Continue reading LFI

OhSint

Task 1 : OhSINT Question 1 : What is this user's avatar of? Since this is not a JPEG format, exif didn’t return anything useful, let’s try with exiftool. Since it does not come preinstalled, we will need to manually install it. Once the installation finishes we can use the tool # apt install libimage-exiftool-perl… Continue reading OhSint