An overview of using Tor for online anonymity. — What is Tor? Tor (acronym for The Onion Router) is a free software, released under BSD license, which allows for anonymous communication on the Internet based on the second generation of the network protocol onion routing: its use makes it much more difficult to trace the Internet activity of the user. …

Full Disk Encryption Full disk encryption is encryption at disk level (as suggested by the name) and it is transparent to the user as it operates below the filesystem layer. …

10: IDS/Firewall Evasion and Honeypot An IDS (Intrusion Detection System) is security software (or hardware) that inspects all traffic entering and leaving the network, looking for suspicious patterns. Types of IDS NIDS: Network based IDS, consists of a machine placed in the network in promiscuous mode, listening to the traffic, able to generate alerts in case of malicious…

A while ago a client of mine asked for a WAPT (Web Application Penetration Test) for his company; the web application was built in Microsoft environment, so with all the ASP.NET and .NET framework stuffs that Linux boys always pass: this was the first real WAPT I have ever done. …

07: Sniffing Sniffing concepts Network Sniffing Packet sniffing is a process of monitoring and capturing all packets passing through a network through the use of dedicated software or hardware. Types of Sniffing PASSIVE SNIFFING: refers to a technique of sniffing through hubs (which are no longer in use today) and can only be done in a network where packets…

04: Enumeration Overview In the enumeration phase, the attacker creates connections with the system to perform queries and retrieve information directly from it. Extractable information Network resources, shares, routing table, service settings, FQDN and SNMP details, hostname, users, groups, applications and banners. Enumeration techniques Estract username with email address Estract information with default password

01: Introduction to Ethical Hacking Information Security overview Terminology HACK VALUE — Notion that indicates how much it is worth it to acquire the target. VULNERABILITY — Existence of a flaw, implementation or design error that can be exploited by an unexpected event to compromise the security of a system. EXPLOIT — A breach in the security of an…

In this article I will touch some points on Linux Security and Linux Hardening, I won’t go into much deep because I would like to do that in dedicated articles, so enjoy this reading! General Security What does make Linux a secure Operating System? Linux is an open-source Operating System (technically Linux is the kernel), and beacuse of it is…

For some time I’ve been wanting to install and try an open source firewall that is more complete than the usual UFW of Debian-based distros, so today we’ll see how to install and configure pfSense in a virtual environment, and we’ll do some testing. pfSense is an open source firewall…