01: Introduction to Ethical Hacking

Information Security overview


  • HACK VALUE — Notion that indicates how much it is worth it to acquire the target.
  • VULNERABILITY — Existence of a flaw, implementation or design error that can be exploited by an unexpected event to compromise the security of a system.
  • EXPLOIT — A breach in the security of an IT system through a vulnerability.
  • PAYLOAD — The payload is the part of an exploit code that performs malicious activities such as creating a backdoor, encrypting files.
  • ZERO-DAY — Vulnerability not yet patched by the vendor. An 0-day attack exploits this type of vulnerability before the patch is released.
  • DAISY…

In this article I will touch some points on Linux Security and Linux Hardening, I won’t go into much deep because I would like to do that in dedicated articles, so enjoy this reading!

General Security

What does make Linux a secure Operating System?

Linux is an open-source Operating System (technically Linux is the kernel), and beacuse of it is more difficult to insert any backdoor or malicious code into the source without anyone noticing. Windows often suffers for bugs that persist for months or years before being patched, and only Microsoft have access to the source code.

Linux is a multiuser system and could segregate access to files or…

For some time I’ve been wanting to install and try an open source firewall that is more complete than the usual UFW of Debian-based distros, so today we’ll see how to install and configure pfSense in a virtual environment, and we’ll do some testing.

pfSense is an open source firewall based on FreeBSD, the company that supports it also resells the hardware version, both for individuals and enterprise companies, moreover there are also cloud versions for AWS and Microsoft Azure. …

This is the second walkthrough (link to the first one)and we are going to break Monitoring VM, always from Vulnhub. Download the OVA file here.

Our lab is set as we did with Cherry 1, a Kali Linux machine and the Monitoring box, both on a NAT network with CIDR
Kali Linux has IP
Monitoring box has IP (Ubuntu 16.04.7)

We have the same problem here: connecting Monitoring to the right interface. This machine use a network interface name which were not the one VirtualBox provided to Monitoring. …

In this article we will go through Cherry 1 VM from Vulnhub, an easy virtual machine to help you out with security tools and improve your skills. You can download the OVA file here.

Our lab is set with a Kali Linux machine and the Cherry 1, both on a NAT network with CIDR
Kali Linux has IP
Cherry 1 has IP (Ubuntu 20.04.1)

As we were using VirtualBox we encountered a networking problem because the Cherry 1 was built for VMware Workstation Player. This machine use a network interface name which were not the one VirtualBox…

Mattia Zignale

Cybersecurity lover — DevSecOps Engineer @ THE I

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store