Educate yourself on how to harden your own systems
Category: Application, Data, & Host Security
PenTest Edition: Kismet Wireless
Kismet is a type of passive 802.11 (wireless) data-link layer packet sniffer and network detector. As long as you possess a network adapter that supports Monitor mode, you can sniff and identify 802.11a/b/g/n networks. Kismet is available for Linux, FreeBSD, NetBSD, OpenBSD, and Mac OS X. Although you can download and install it on a Windows ...
Secure Software Development Practices
The software applications we utilize are absolutely productive and wonderful tools to have, but they're also used as attack vectors to gain a leverage inside the organization that use these applications. That's why it's important that we secure the development of software from start to finish. Historically, the software development team and the quality assurance ...
Intrusion Detection and Prevention Systems
The process of intrusion detection involves the monitoring of systems or networks for any signs and occurrences of events or incidents deemed either suspicious or in violation of to an organization's security policy or rule set. An "Intrusion Detection System (IDS)" is a hardware appliance or software that has the ability to detect signs of ...
Common Endpoint Vulnerabilities and Their Proper Remediation
Endpoints are end-user devices (think mobile, desktop, peripherals, or otherwise). Mobile smartphones, especially, are common attack vectors. Here, I'll discuss the more predominant vulnerabilities facing our endpoints and what we can do to prevent and mitigate these problems. Malicious E-Mail Attachments Malicious e-mail attachments are always concerning because many employees click on them and end ...
PenTest Edition: Active Reconnaissance and Port Scanning Using Nmap
Nmap, or "Network Mapper," is a network discovery, analysis, and auditing tool utilized by both network defenders and network attackers. As an exceedingly flexible tool with dozens of methods for mapping out networks, Nmap has become a critically acclaimed and well-supported cyber tool. Using Nmap, we can perform network sweeps to discover available hosts on ...
The Cybersecurity Man 