"Security" tag
Hacker alert!

Modify-function-return-value Hack! — Part 1

Sometimes it’s helpful to think from a hacker’s perspective. The information obtained can be used to write better code and a secure application. An application shipped in release mode (without any debug information)…

Secured!

Securing Apache, Part 9: Attacks that Target PHP-based Instances

Beginning with Part 1 of this series, we have covered all major attacks on Web applications and servers, with examples of vulnerable PHP code. In this article, we will cover those attacks that…

A Recap

Advanced Nmap: A Recap

This final article in the series consolidates information from the previous articles, looks at NMap’s future possibilities, and at the new tools from the development team. Beginning its life as a simple port-scanner,…

Secured!

Securing Apache, Part 8: DoS & DDoS Attacks

In this part of the series, we focus on DoS/DDoS attacks, which have been among the major threats to Web servers since the beginning of the Web 2.0 era. Denial of Service (DoS)…

A network

Nessus with Metasploit — Track and Hack

Networks play an important role in a sysadmin’s life. But have you ever wondered about the security of your network, or tried to find out how vulnerable it is? Let’s discover how to…

Nmap scripts

Advanced Nmap: NMap Script Scanning

In previous articles, we have studied NMap in great detail, including live scanning a firewall and verifying the recommendations. Now, it’s time to study NMap script scanning. Nmap.org describes the Scripting Engine (NSE)…

Locked!

Securing Apache, Part 7: Fool-proofing the Server OS

Moving deeper into Web application and Apache security, let’s now focus on OS commanding attacks, and those that lead to the disclosure of crucial information and server directory paths. The attacks described below…

Let us back track for a while

Digital Forensic Analysis Using BackTrack, Part 1

Digital forensics, the art of recovering and analysing the contents found on digital devices such as desktops, notebooks/netbooks, tablets, smartphones, etc., was little-known a few years ago. However, with the growing incidence of…

Verify firewall security

Advanced Nmap: Scanning Firewalls Continued

The previous article detailed methods to scan an IPCop-based firewall in a test environment. The scan output revealed several open ports, which could lead to various vulnerabilities. Based on the scan results, several…

VNCInjection with courtesy shell enabled, by default

Metasploit 101 with Meterpreter Payload

The Metasploit framework is well known in the realm of exploit development. It is a standalone tool for security researchers, penetration testers and IDS/IPS developers. As of now, it has 640 exploit definitions…

All published articles are released under Creative Commons Attribution-NonCommercial 3.0 Unported License, unless otherwise noted.
Open Source For You is powered by WordPress, which gladly sits on top of a CentOS-based LEMP stack.

Creative Commons License.