Press "Enter" to skip to content

Posts published in “Security”

Install OpenVAS on Ubuntu


OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of Greenbone Networks’ commercial vulnerability management solution from which developments are contributed to the Open Source community since 2009. 1. Install dependencies $ sudo apt–get install sqlite3 python–software–properties

OpenVAS Virtual Appliance / GreenBone Installation


OpenVAS Framework The GSM Community Edition is a derivate of the GSM ONE and allows a quick and easy option on Windows, Linux or Mac to give the solution a trial. No particular know-how is needed. In contrast to the commercial solution the Community Feed instead of the Greenbone Security Feed is used. Also some management functions like for TLS certificates are…

Metasploit Installation on Windows 7 and 10


The Metasploit Framework (MSF) is far more than just a collection of exploits. It’s an infrastructure that you can build upon and utilize for your custom needs. This allows you to concentrate on your unique environment, and not have to reinvent the wheel. I consider the MSF to be one of the single most useful auditing tools freely available to…

Kali Virtual Appliance Installation and Usage


Kali Linux is the world’s most powerful and popular penetration testing platform, used by security professionals in a wide range of specializations, including penetration testing, forensics, reverse engineering, and vulnerability assessment. It is the culmination of years of refinement and the result of a continuous evolution of the platform, from WHoppiX to WHAX, to BackTrack, and now to a complete…

Top Security Events / Vulnerabilities in 2018, 2017, 2016, 2015, 2014


Here is a list of  top vulnerabilities found since 2015, which I am still working on to compile them together. It will come from different sources and includes those which I believe it is worth taking a note here. 2018 Jan 3,  Spectre and Meltdown vulnerabilities (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) Jan 29,  Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability…

Gartner Magic Quadrant for Security Awareness Computer-Based Training (2017,2016,2015,2014)


IT research and advisory firm Gartner, Inc. has evaluated different vendors in the Magic Quadrant for Security Awareness Computer-Based Training (CBT). Gartner’s evaluation criteria includes market understanding, marketing strategy, sales strategy, product strategy and offering, business model, vertical/industry and geographic strategy, and innovation. What is security awareness computer-based training? End-user-focused security education and training is a rapidly growing market. Demand is…

Installation and Configuration of Sophos Enterprise Console 5.1 in your Networks – 2. Configuration


Continue with previous post “Installation and Configuration of Sophos Enterprise Console 5.1 in your Networks – 1. Installation” Steps:  After the installation of the Sophos Enterprise Console you had logged off. Now you logged in and the Console starts automatically. This Windows will appear:

Installation and Configuration of Sophos Enterprise Console 5.1 in your Networks – 1. Installation


This post is a detail documentation how to install Sophos Enterprise Console 5.1 in your networks. Pre-Requirements: copy the Sophos Enterprise Console to the Server (ProdInstall\Sophos\Sophos Console\sec_5.1.exe) check if you are able to connect to the infrastructure server like this: http://IP Server:8085 A webpage like this should be shown to you:

OWASP Top 10 (2010, 2013, 2017)


The Open Web Application Security Project (OWASP) is a non-profit organization dedicated to providing unbiased, practical information about application security.  The OWASP Top 10 Web Application Security Risks was created  in 2010, 2013 and  2017 to provide guidance to developers and security professionals on the most critical vulnerabilities that are commonly found in web applications, which are also easy to…