Quantcast
Channel: HolisticInfoSec™
Browsing all 134 articles
Browse latest View live

Image may be NSFW.
Clik here to view.

toolsmith: ModSecurity for IIS

Part 2 of 2 - Web Application Security Flaw Discovery and PreventionPrerequisites/dependenciesWindows OS with IIS (Win2k8 used for this article)SQL Server Express 2004 SP4 and Management Studio Express...

View Article


Image may be NSFW.
Clik here to view.

toolsmith: Hey Lynis, Audit This

Prerequisites/dependenciesUnix/Linux operating systemsIntroductionHappy holidays to all readers, the ISSA community, and infosec tool users everywhere. As part of December’s editorial theme for the...

View Article


Image may be NSFW.
Clik here to view.

toolsmith: Social-Engineer Toolkit (SET) - Pwning the Person

Prerequisites/dependenciesPython interpreterMetasploitBackTrack 5 R3 also includes SET IntroductionMy first discussion of  Dave Kennedy’s (@dave_rel1k) Social-Engineer Toolkit (SET) came during...

View Article

Image may be NSFW.
Clik here to view.

2012 Toolsmith Tool of the Year: ModSecurity for IIS

Congratulations to Ryan Barnett of Trustwave and Greg Wroblewski of Microsoft.ModSecurity for IIS is the 2012 Toolsmith Tool of the Year.ModSecurity for IIS finished with 35.4% of the vote, while the...

View Article

Image may be NSFW.
Clik here to view.

toolsmith: Collective Intelligence Framework

PrerequisitesLinux for server, stable on Debian Lenny and Squeeze, and Ubuntu v10Perl for client (stable), Python client currently unstableIntroductionAs is often the case when plumbing the depths of...

View Article


MORPHINATOR & cyber maneuver as a defensive tactic

In June I read an outstanding paper from MAJ Scott Applegate, US Army, entitled The Principle of Maneuver in Cyber Operations, written as part of his work at George Mason University.Then yesterday, I...

View Article

Image may be NSFW.
Clik here to view.

toolsmith: NOWASP Mutillidae

PrerequisitesXAMPP is most convenientNOWASP can be configured to run on Linux, Mac, and WindowsIntroductionI’m writing this month’s column fresh on the heels of presenting OWASP Top 10 Tools and...

View Article

Image may be NSFW.
Clik here to view.

toolsmith: SearchDiggity - Dig Before They Do

PrerequisitesWindows .NET FrameworkIntroductionI’ve been conducting quite a bit of open source intelligence gathering (OSINT) recently as part of a variety of engagements and realized I hadn’t...

View Article


The replacement security analyst's Top 10

I'm a huge football fan so the depth of my joy at the return of the "real" NFL referees cannot be measured. Given the replacement ref debacle I felt compelled to share a replacement security analyst's...

View Article


Image may be NSFW.
Clik here to view.

toolsmith: Network Security Toolkit (NST) - Packet Analysis Personified

PrerequisitesVirtualization software if you don’t wish to run NST as a LiveCD or install to dedicated hardware.IntroductionAs I write this I’m on the way back from SANS Network Security in Las Vegas...

View Article

Image may be NSFW.
Clik here to view.

toolsmith: Arachni - Web Application Security Scanner

Part 1 of 2 - Web Application Security Flaw Discovery and PreventionPrerequisites/dependenciesRuby 1.9.2 or higher in any *nix environmentIntroductionThis month’s issue kicks off a two part series on...

View Article

CTIN Digital Forensics Conference - No fluff, all forensics

For those of you in the Seattle area or willing to travel who are interested in digital forensics there is a great opportunity to learn and socialize coming up in March.The CTIN Digital Forensics...

View Article

Image may be NSFW.
Clik here to view.

toolsmith: ModSecurity for IIS

Part 2 of 2 - Web Application Security Flaw Discovery and PreventionPrerequisites/dependenciesWindows OS with IIS (Win2k8 used for this article)SQL Server Express 2004 SP4 and Management Studio Express...

View Article


Choose the 2012 Toolsmith Tool of the Year

Merry Christmas and Happy New Year! It's that time again.Please vote below to choose the best of 2012, the 2012 Toolsmith Tool of the Year.We covered some outstanding information security-related tools...

View Article

Image may be NSFW.
Clik here to view.

toolsmith: Violent Python - A Book Review Applied to Security Analytics

Prerequisites/dependenciesPython interpreter BackTrack 5 R3 is ideally suited to make immediate use of Violent Python scriptsIntroductionHappy New Year and congratulations on surviving the end of the...

View Article


Follow up on C3CM: Pt 2 – Bro with Logstash & Kibana (read Applied NSM)

In September I covered using Bro with Logstash and Kibana as part of my C3CM (identify, interrupt, and counter the command, control, and communications capabilities of our digital assailants)series in...

View Article

Image may be NSFW.
Clik here to view.

toolsmith: Tails - The Amnesiac Incognito Live System

Privacy for anyone anywherePrerequisites/dependenciesSystems that can boot DVD, USB, or SD media (x86, no PowerPC or ARM), 1GB RAMIntroduction“We will open the book. Its pages are blank. We are going...

View Article


Image may be NSFW.
Clik here to view.

2013 Toolsmith Tool of the Year: Recon-ng

Congratulations to Tim Tomes of Black Hills Information Security.@LaNMaSteR53's Recon-ng is the 2013 Toolsmith Tool of the Year.We had quite the turnout this year, with 881 total votes. Recon-ng...

View Article

Image may be NSFW.
Clik here to view.

toolsmith: SimpleRisk - Enterprise Risk Management Simplified

Prerequisites/dependenciesLAMP/XAMPP serverIntroductionOur editorial theme for February’s ISSA Journal happens to be Risk, Threats, and Vulnerabilitieswhich means that Josh Sokol’s SimpleRisk as our...

View Article

Image may be NSFW.
Clik here to view.

toolsmith: SpiderFoot

Prerequisites/dependenciesPython 2.7 if running on *nix as well as M2Crypto, CherryPy, netaddr, dnspython, and Mako modulesWindows version comes as a pre-packaged executable, no...

View Article
Browsing all 134 articles
Browse latest View live