"Security" tag
Verify firewall security

Advanced Nmap: Scanning Firewalls Continued

The previous article detailed methods to scan an IPCop-based firewall in a test environment. The scan output revealed several open ports, which could lead to various vulnerabilities. Based on the scan results, several…

VNCInjection with courtesy shell enabled, by default

Metasploit 101 with Meterpreter Payload

The Metasploit framework is well known in the realm of exploit development. It is a standalone tool for security researchers, penetration testers and IDS/IPS developers. As of now, it has 640 exploit definitions…


Securing Apache, Part 6: Attacks on Session Management

In this part of the series, we are going to concentrate on attacks on session management. Application-level attacks on the session is about obtaining or manipulating the session ID without any prior information…

Firewall Scan

Advanced Nmap: Scanning Firewalls

After four articles on Nmap [1, 2, 3 & 4], which explained a number of command-line options for scan technique specification, target specification, port specifications, host discovery, evasion techniques, etc, it is time…


Securing Apache, Part 5: HTTP Message Architecture

In the last four articles in this series, we have discussed SQL injection, XSS, CSRF, XST and XSHM attacks, and security solutions. This article focuses on attacks exploiting the HTTP message architecture in…

Scan time!

Advanced Nmap: FIN Scan & OS Detection

Nmap is a fantastic tool, and I just can’t refrain from praising it, every time I use it. The earlier articles in this series have detailed many important Nmap scan types. Let us…

Nmap Scanning Techniques

Advanced Nmap: Scanning Techniques Continued

The earlier articles on Nmap had covered the basic features, the working of the TCP 3-way handshake, and some important scan types, along with their practical use. The third article in this series…

Advanced Nmap

Advanced NMap: Some Scan Types

A broad overview and the basic features of NMap have been covered in an earlier article in this series of articles on Nmap. In this article, we discuss in detail various NMap scan…

Security measures

Securing Apache, Part 2: XSS Injections

In the previous article in this series, we started our journey to a secured Apache by dissecting its internals. We then looked at various attacks against Web applications via injection flaws, beginning with…

All published articles are released under Creative Commons Attribution-NonCommercial 3.0 Unported License, unless otherwise noted.
Open Source For You is powered by WordPress, which gladly sits on top of a CentOS-based LEMP stack.

Creative Commons License.