I decided to change a little chronology of the documents. Although this part was supposed to be dedicated to testing frameworks, I decided to devote it to an introduction to writing unit tests: What are they really, and what tests should we be creating? By design, each unit test […]
Vulnserver is a Windows TCP server running on port 9999. It was written by Stephen Bradshaw whose blog is located here. The server was intentionally written to be vulnerable, for the purpose of learning how to fuzz a real target. The problem is that when we’re learning, we […]
For those of you who have been following my eventful career, you already know that this is actually my second published tutorial. Just to bring you up to date, my first tutorial was titled Pas à Pas vers l’Assembleur and was originally written in April, 2009.
After that, I made […]
1. Initializing the TPM
To secure our data we must first initialize the TPM. What we’re actually doing is changing the settings of the hardware TPM chip module on the computer motherboard itself.
First we must initialize the TPM physical chip with the tpm_clear command, which returns the TPM to the […]
For today’s hot seat we have Mr. Raffael Marty but before starting up with the interview questions, I would like to thank him who agreed to be interviewed. It is really an honor to interview the man who is one of the world’s most recognized authorities on security data […]
Backtrack is one of the most popular Linux distributions used for Penetration testing and Security Auditing. The Backtrack development team is sponsored by Offensive Security. On 13th August 2012, Backtrack 5 R3 was released. This included the addition of about 60 new tools, most of which were released during […]
1. Packet Filtering Introduction
This tutorial will talk about packet filtering. First we must define what packet filtering is. Packet filtering is a process of allowing or blocking packets at an arbitrary layer of OSI: physical, data-link, network, transport, session, presentation or application layer. More about OSI can be read […]
I’ve been a security enthusiast for years now, and currently I’m working as a security penetration tester. Over the years it has happened that I’ve heard about a new security method I’ve never encountered before. When I started doing research about the topic, it was all very interesting, […]
Security Automation Essentials: Streamlined Enterprise Security Management & Monitoring with SCAP provides IT security managers in both government agencies and private organizations with full details on the capabilities of SCAP (Security Content Automation Protocol) technologies. SCAP reduces dozens of individual security-related tasks to simple, streamlined, and automated tasks that […]
The TPM stands for the Trusted Platform Module, which is a secure microprocessor that can store cryptographic keys that are further used to encrypt/decrypt data.
The following picture is taken from Wikipedia :
We can read more about the picture in . We should just say that TPM is a […]
A lot of people wonder how to approach writing code. So I decided to write on this topic in a few articles. Here’s the first one, I hope that it will be interesting for you.
We begin our adventure
Today I would like to introduce you to S.O.L.I.D. We will learn […]
This book shows how to assess a network’s vulnerabilities, zero in on targets, and effectively block intruders. Using the tested security techniques and real-world case studies featured in this one-of-a-kind guide, IT security pros will be able to expose, pursue, and prosecute the perpetrators of advanced persistent threats (APTs). […]
The expert advice and defense strategies from the world-renowned Hacking Exposed team shows IT security pros how to bolster their system’s security and defeat the tools and tactics of cyber-criminals. Case studies expose the hacker’s latest devious methods and illustrate field-tested remedies. Readers will learn how to block infrastructure […]
A few days ago, I attended (and maybe trolled) a hacker conference called ROOTCON in Cebu City, Philippines at Cebu Parklane Hotel. To be honest, this is my second experience with ROOTCON and I think there are a lot of things I learned from this experience. One of the […]
In this tutorial we will learn how to read a packet header. It’s not very common to inspect packet fields, but it is important to know how to read and inspect packet fields manually in case you ever need to, for example if a new protocol that your sniffer […]
First we must mention that iptables is a Linux kernel firewall, which is why we can categorize it with the picture below:
The picture is presented so we can better imagine how firewalls and iptables firewall are connected with information security in general. I’ve also written an article about […]
After the first stage it was time for step two. What can I say? Here is a further classification of software testing methods. First, get to know the theory, then calmly deal with the practice of knowledge. The text is almost like StarWars is not it?
Testing due to the […]
Joomla Security Scanner
Joomla Security Scanner Detects file inclusion, sql injection, command execution vulnerabilities of a target Joomla Websites.
It will help web developers and web masters to help identify possible security weaknesses on their deployed Joomla Sites. No web security scanner is dedicated only one CMS.
Features of Joomla Security Scanner
InfoSec Institute is seeking an energetic and innovative Content Acquisition Manager for our Intense School brand to develop and maintain an industry-leading online publication. You will shape the success for our program’s initiatives by developing and defining the content and publishing schedule. This is a multi-faceted job in a […]
Those trained and experienced in the Information Security area know all about IDS systems, biometric security, Disaster Recovery systems, and all the other expensive technologies available to large enterprises with their large budgets.
Quite often overlooked in this area however, are the vast number of small and medium enterprises. Statistics […]