Burp Suite from PortSwigger is one of my favorite tools to use when performing a Web Application Penetration Test. The following is a step-by-step Burp Suite Tutorial. I will demonstrate how to properly configure and utilize many of Burp’s features. After reading this, you should be able to perform a thorough web application penetration test. This […]
PHP is an open-source server-side scripting language and it is widely used. The Apache web server provides access to files and content via the HTTP or HTTPS protocol. A misconfigured server-side scripting language can create all sorts of problems. So, PHP should be used with caution. Here are twenty-five PHP security best practices for sysadmins for […]
Top 20 OpenSSH Server Best Security Practices
OpenSSH is the implementation of the SSH protocol. OpenSSH is recommended for remote login, making backups, remote file transfer via scp or sftp, and much more. SSH is perfect to keep confidentiality and integrity for data exchanged between two networks and systems. However, the main advantage is server authentication, through the use of public key […]
Top 20 Nginx WebServer Best Security Practices
Nginx is a lightweight, high performance web server/reverse proxy and e-mail (IMAP/POP3) proxy. It runs on UNIX, GNU/Linux, BSD variants, Mac OS X, Solaris, and Microsoft Windows. According to Netcraft, 6% of all domains on the Internet use nginx webserver. Nginx is one of a handful of servers written to address the C10K problem. Unlike […]
Linux / Unix logtop: Realtime Log Line Rate Analyser
How can I analyze line rate taking log file as input on a Linux system? How do I find the IP flooding my Apache/Nginx/Lighttpd web-server on a Debian or Ubuntu Linux? Tutorial details: Difficulty: Easy; Root privileges: Yes; Requirements: None; Estimated completion time: N/A. You need to use a tool called logtop. It is a […]
RHEL / CentOS 6: Install Nginx Using Yum Command
How can I install Nginx web server on CentOS Linux 6 or Red Hat Enterprise Linux 6 using yum command? Tutorial details: Difficulty: Intermediate; Root privileges: Yes; Requirements: CentOS/RHEL yum; Estimated completion time: N/A. Recently, nginx web project started to distribute binary packages using nginx yum repository. You can either create /etc/yum.repos.d/nginx.repo or directly install rpm […]