ReadMe Hi, a few months back, I was part of a cloud penetration testing engagement, the company used Google’s Cloud Platform to host their infrastructure. During the engagement I was searching online for tools and templates used on such engagements, specific to GCP. While many businesses use GCP, not many resources exist specifically for pentesting… Continue reading GCP Pentesting Guide
Category: Informational
Posts regarding pretty much everything. From tools to news.
t-Pot: Honeypot Platform
Hi, in a previous post we created and configured the Cowrie SSH honeypot. A simple, easy and quick way to gather information, malicious IPs, uncover C2 servers, collect downloaded files, executables and scripts associated with cryptominers, reverse shells, DDoS attacks and much more. However, SSH is just one of the many services that attackers might… Continue reading t-Pot: Honeypot Platform
Cowrie: SSH Honeypot
Hi, if you are reading this you probably already know what a honeypot is, so I will skip the intro and get straight to the interesting part. However if you don’t know what a honeypot is you can read this great post by imperva. I will walk you through a fairly easy setup and by… Continue reading Cowrie: SSH Honeypot
#1
Uncovered my 1st cryptominer! A few days back I received a firewall alert regarding a log4j exploitation attempt, targeting a web server. Since every security vendor under the sun has released an update, the request was blocked and the attack was unsuccessful.The reported -source- IP was not flagged as malicious or reported in any of… Continue reading #1
Rant : Hotel
A few days ago I had to book a hotel room for a couple of nights,decided to go directly to the business ratherthan booking the room through a platform to help them avoid the commissions, little did I know that I was in for a surprise.After calling them to finalize the transaction I was presentedwith… Continue reading Rant : Hotel
Planning and Scoping : Engagements
Intro Scope The first step in penetration testing (if executed legally) is determining what should be tested – aka scope of the assessment. Defining scope is arguably one of the most important components of a penetration test, yet it is also one of the most overlooked, determining the scope requires a solid and clear understanding… Continue reading Planning and Scoping : Engagements
Common Vulnerability Scoring System – CVSS
Intro The Common Vulnerability Scoring System (CVSS) provides a numerical representation (scale 0-10) of the severity of an information security vulnerability, it also provides an open framework for communicating the characteristics and severity of software vulnerabilities. CVSS consists of three metric groups: Base, Temporal, and Environmental. The Base group represents the intrinsic qualities of a… Continue reading Common Vulnerability Scoring System – CVSS
Cybersecurity Goals
Intro The primary goal of cybersecurity is to ensure the privacy of information, the correctness of data, and access to authorized users. Although protecting sensitive information from unauthorized disclosure is on element of cybersecurity, it’s not the only one. This brings us to focus on the 3 crucial aspects of security which are confidentiality, integrity, and… Continue reading Cybersecurity Goals
LFI
Local File Inclusion (LFI) is the vulnerability that is mostly found in web servers. This vulnerability is exploited when a user input contains a certain path to the file which might be present on the server and will be included in the output. This kind of vulnerability can be used to read files containing sensitive… Continue reading LFI
Netbios
Intro NetBIOS (Network Basic Input/Output System) is a network service that enables applications on different computers to communicate with each other across a local area network. Today, NetBIOS is used to support legacy NetBIOS applications but is also widely used for NetBIOS name resolution. NetBios is often mistaken for a protocol where in fact it… Continue reading Netbios