Learning, Sharing, Creating
Qualys Community Edition is a free version of the Qualys Cloud Platform designed for the security community. Discover IT assets. Manage vulnerabilities. Scan web apps. Inventory cloud assets.
This topic has been haunted in my mind for quite a while. As an information security guy, we got tons of reports about end point activities. One of them is…
Unlike passive information gathering, which involves an intermediate system for gathering information, active information gathering involves a direct connection with the target.The client probes for information directly with the target…
This post is focusing on how to build a simple Pen test lab with a minimal effort and also it can provides enough practice opportunity. It will be a series…
An information gathering endeavor is the pen tester locates publicly available information related to the target and seeks ways that could be exploited to get into the systems. There are…
Acunetix vulnerability scanner license is counted by the target number. Once consumed your target numbers, you wont be able to add new target into your scanner to do another scan.…
Here are some of my collections from Internet about Threat Hunting tools, information and resources. Steps to Scan and Fix your System 4.1 Download Malwarebytes Double click on the installer…
This post is to summarize some security incidents investigation steps using DarkTrace. Investigation methodology Any incident responder will always begin by asking some high-level questions concerning the incident under investigation…
One of my servers has been found two urgent (severity 5) vulnerabilities. Qualys scan report does give lots of details about those vulnerabilities such as solutions, patches, links etc. Applied…
It was interesting during one of our Vulnerability Scanning. There are lots of machines listening on port 12345, and it does has lots of connection on it. Also, PID is…
Recent during a vulnerability scan , there is RC4 cipher found using on SSL/TLS connection at port 3389. The solution in the Qualys report is not clear how to fix.…
There are more and more websites using CDN (Content Delivery Network) to help deliver their contents to end users. It is faster, safer and more reliable. At the same time,…
