Sep. 14, 2015
This happened over the weekend. I was in a mood of taking a break from work after so many working weekends. As usual I was about to wind up my day at a coffee shop near by on a Friday evening, and I got a call from a fellow researcher seeking help to solve a problem at his work desk. He had to scan hundreds of IP addresses with multiple ranges, both internal and external.
Aug. 6, 2015
As I promised here is a detailed write-up on null humla conducted on Mastering Nmap Script Engine at Mumbai null chapter on 18 July 2015. The basic agenda of the session is to learn how to write Nmap Scripts from scratch.
Introduction Nmap has been playing an inevitable role in the security community over more than one and half decades. Though the project started as a simple network port scanner, it has been evolved into a massive toolset to do complete reconnaissance with a ton of impressive advanced techniques.
Jul. 30, 2013
I started my career in information security as a trainer with very simple responsibility of teaching people about ethical hacking and defensive measures to protect digital data from such hacking threats. This task was slightly heavy for me initially being a silent spectator in my past days. Also, it demanded my energy for the whole day talking about the phases of performing ethical hacking exercises. Still I was enjoying this learning phase being a newbie in the field.
Jul. 6, 2013
This is the most stupid question I asked to my boss (in my memory) in my entire career. Ages after I now recollect this question with a laugh inside my heart and wanted to write on it as this is typically a common and silly doubt in most of newborn security babies may have in their heads when they first look at Wireshark capture window.
Wireshark uses packet colorization; in a nutshell, Wireshark has a predefined coloring rules for certain packets.
Mar. 15, 2012
This is a video demonstration of sqlmap plugin with burpsuite explained in by https://buguroo.com/es/sqlmap-plugin-for-burpsuite by ggdaniel
The plugin download is here : http://code.google.com/p/gason/downloads/list
The following command will integrate Burp with the plugin:
In Linux
java -classpath burpplugins.jar:"BurpSuite_v1.4.01.jar" burp.StartBurp In Windows
java -classpath burpsuite_v1.4.01.jar;burpplugins.jar burp.StartBurp Note : please modify the command depend on the file name of burp and plugin, in this case, Burp version is “v1.4.01”;
Video below
Dec. 29, 2011
Let’s think about logging. A smart hacker will always go for covert mode of action, this require the knowledge of how the logging is happening in the target system, get the privilege to access those files, and clean the entries. Now considering the first step, linux system stores all sort of logs in a default location /var/log/. This location contains multiple log files depends of the application running on the system.