Burp Suite Tutorial – Web Application Penetration Testing (Part 1)

Pentest
Sep 19 2014
 

Burp Suite from Portswigger is one of my favorite tools to use when performing a Web Application Penetration Test. The following is a step-by-step Burp Suite Tutorial. I will demonstrate how to properly configure and utilize many of Burp’s features. After reading this, you should be able to perform a thorough web application penetration test. This […]

25 PHP Security Best Practices For Sys Admins

Linux, Security
Sep 19 2014
 

PHP is an open-source server-side scripting language and it is widely used. The Apache web server provides access to files and content via the HTTP or HTTPS protocol. A misconfigured server-side scripting language can create all sorts of problems, so PHP should be used with caution. Here are twenty-five PHP security best practices for sysadmins for […]

Top 20 OpenSSH Server Best Security Practices

Security
Sep 19 2014
 

OpenSSH is the implementation of the SSH protocol. OpenSSH is recommended for remote login, making backups, remote file transfer via scp or sftp, and much more. SSH is well suited to preserving the confidentiality and integrity of data exchanged between two networks and systems. However, the main advantage is server authentication, through the use of public key […]

Top 20 Nginx WebServer Best Security Practices

Security
Sep 19 2014
 

Nginx is a lightweight, high-performance web server/reverse proxy and e-mail (IMAP/POP3) proxy. It runs on UNIX, GNU/Linux, BSD variants, Mac OS X, Solaris, and Microsoft Windows. According to Netcraft, 6% of all domains on the Internet use the nginx web server. Nginx is one of a handful of servers written to address the C10K problem. Unlike […]

Linux / Unix logtop: Realtime Log Line Rate Analyser

Linux
Sep 19 2014
 

How can I analyze the line rate of a log file taken as input on a Linux system? How do I find the IP flooding my Apache/Nginx/Lighttpd web server on Debian or Ubuntu Linux?

Tutorial details: Difficulty: Easy; Root privileges: Yes; Requirements: None; Estimated completion time: N/A

You need to use a tool called logtop. It is a […]

RHEL / CentOS 6: Install Nginx Using Yum Command

Linux
Sep 19 2014
 

How can I install the Nginx web server on CentOS Linux 6 or Red Hat Enterprise Linux 6 using the yum command?

Tutorial details: Difficulty: Intermediate; Root privileges: Yes; Requirements: CentOS/RHEL yum; Estimated completion time: N/A

Recently, the nginx web project started to distribute binary packages using an nginx yum repository. You can either create /etc/yum.repos.d/nginx.repo or directly install rpm […]