PenTest Edition: Kismet Wireless
Kismet is a type of passive 802.11 (wireless) data-link layer packet sniffer and network detector. As long as you possess a network adapter that supports Monitor mode, you can sniff and identify 802.11a/b/g/n networks. Kismet is available for Linux, FreeBSD, NetBSD, OpenBSD, and Mac OS X. Although you can download and install it on a Windows ...
Secure Software Development Practices
The software applications we utilize are absolutely productive and wonderful tools to have, but they're also used as attack vectors to gain a leverage inside the organization that use these applications. That's why it's important that we secure the development of software from start to finish. Historically, the software development team and the quality assurance ...
What is Snort? Bonus: How to Write Snort Rules!
Snort is an open-source, signature-based Network-based Intrusion Detection System (NIDS). Actually, Snort is much more than just a NIDS because it also acts a packet analyzer and a Network-based Intrusion Prevention System (NIPS). Snort was originally developed to be a packet analyzer, and with such sniffing capabilities, it can be used to detect intrusions on ...
Intrusion Detection and Prevention Systems
The process of intrusion detection involves the monitoring of systems or networks for any signs and occurrences of events or incidents deemed either suspicious or in violation of to an organization's security policy or rule set. An "Intrusion Detection System (IDS)" is a hardware appliance or software that has the ability to detect signs of ...
Common Endpoint Vulnerabilities and Their Proper Remediation
Endpoints are end-user devices (think mobile, desktop, peripherals, or otherwise). Mobile smartphones, especially, are common attack vectors. Here, I'll discuss the more predominant vulnerabilities facing our endpoints and what we can do to prevent and mitigate these problems. Malicious E-Mail Attachments Malicious e-mail attachments are always concerning because many employees click on them and end ...
The Cybersecurity Man 