How to configure a SSL-VPN with certificate authentication on a Fortigate
How to configure a SSL-VPN with certificate authentication on a Fortigate
This guide details the steps to configure an SSL VPN with certificate authentication on a Fortigate device, using OPENSSL to generate the necessary CA and certificates. Key steps include generating a root certificate, creating server and client certificate signing requests (CSRs), signing the CSRs, and importing the certificates into the Fortigate. The guide also covers configuring PKI users, SSL-VPN settings, and troubleshooting commands.
Checklist for Fortigate admin access over SSL-VPN
Checklist for Fortigate admin access over SSL-VPN
The checklist for Fortigate admin access over SSL-VPN includes ensuring trusted hosts are configured, allowing access on the interface, establishing a firewall policy from the SSL-VPN interface to the LAN, and verifying the routing table for proper connectivity. Specific configuration commands are provided for each step to facilitate the setup process.
4 tabletop exercises every security team should run | CSO Online
4 tabletop exercises every security team should run | CSO Online
Security teams should run tabletop exercises to prepare for ransomware, third-party risks, insider threats, and distributed denial-of-service (DDoS) attacks. These exercises help identify vulnerabilities, improve response strategies, and ensure compliance with regulatory requirements. Key questions for each scenario include data encryption, partner vetting, insider threat detection, and DDoS mitigation plans. Regularly conducting these exercises with relevant stakeholders, including legal and communications teams, enhances overall cybersecurity readiness.
ired.team 红队笔记 渗透测试备忘单
ired.team 红队笔记 渗透测试备忘单
这篇文章是关于渗透测试备忘单和红队笔记的。它包含了各种命令和技术,如检查Powershell日志记录、检查WinEvent日志中的SecureString泄露、审计政策、检查LSASS是否在PPL中运行等。此外,还包括了一些利用技术,如二进制利用、破解ZIP密码、设置简单的HTTP服务器等。文章还提供了一些有用的命令和工具,如MySQL用户定义功能提权、Docker权限提升、重置root密码等。最后,还提供了一些网络工具和技术,如端口转发、SSH隧道、文件传输协议等。
Incident-Response-Powershell 应急响应脚本
Incident-Response-Powershell 应急响应脚本
这篇文章介绍了一个名为"Incident-Response-Powershell"的应急响应脚本,可以帮助响应Windows设备上的网络攻击。脚本包括收集Windows事件、安全事件、即插即用设备、本地管理员等信息,并可以将取证文物导出为CSV文件以进行SIEM导入。文章还提供了脚本的下载地址和效果图。
Nessus 特别版+2024插件 10.6.4 For Linux【适用于Debian & Ubuntu系统】
Nessus 特别版+2024插件 10.6.4 For Linux【适用于Debian & Ubuntu系统】
这篇文章介绍了Nessus+2024插件的安装步骤。提供了下载脚本和安装方法,并附有插件数量和卸载方法。文章还包含了Nessus的启动和停止命令以及注意事项。请注意,本文仅供参考,请遵守软件许可协议和法律法规。
AC-Hunter™ Community Edition - Active Countermeasures
AC-Hunter™ Community Edition - Active Countermeasures
AC-Hunter™ Community Edition is a free version of AC-Hunter that provides threat hunting functionality with some limitations. It offers the same powerful threat hunting analytics and network insights as the paid Enterprise Edition. Users can choose between an install script or a VMWare virtual image based on their specific use case. AC-Hunter Enterprise and AC-Hunter Community Edition are compared in a chart, and users are also directed to other threat hunting tools.
11款轻量、简洁、可用于内网穿透的免费隧道工具与平台 » 老E的博客
11款轻量、简洁、可用于内网穿透的免费隧道工具与平台 » 老E的博客
本文介绍了11款免费、可用于内网穿透的轻量、简洁的隧道工具和平台,包括Loophole、localhost.run、localtunnel、expose、bore、tabserve、staqlab、jprq、zrok、telebit和ssh-j.com。这些工具提供了将本地服务器暴露到公共网络的功能,支持不同的隧道协议和自定义域名。
10 cybersecurity frameworks you need to know about - Help Net Security
10 cybersecurity frameworks you need to know about - Help Net Security
This article highlights 10 essential cybersecurity frameworks that organizations should be aware of and implement to protect their digital assets. These frameworks include the NIST Cybersecurity Framework, ISO/IEC 27001, CIS Critical Security Controls, COBIT, CSA Cloud Controls Matrix, HITRUST CSF, Katakri, PCI DSS, SOGP, and Secure Controls Framework. Each framework offers a structured and strategic approach to managing cybersecurity risks and enhancing an organization's cybersecurity posture.
PNETLab : Lab is Simple
PNETLab : Lab is Simple
To use PNETLab, download the .ova file and deploy it on virtualization platforms like VirtualBox or VMWare. Make sure to enable virtualization in your BIOS. After deployment, register and login to access the PNETLab box through your browser. You can choose between online and offline mode, with offline mode not requiring registration. In the PNETLab box, you can go to the store to download free labs and practice them. The labs come with lab files, workbooks, and instructions on how to use the console.
5 Best Open Source SIEM Tools | Mezmo
5 Best Open Source SIEM Tools | Mezmo
This post discusses the 5 best open-source SIEM tools for organizations looking to mitigate cybersecurity risks and detect threats. The featured SIEM solutions include AlienVault OSSIM, MozDef, Wazuh, Prelude OSS, and Sagan, each with its own unique features and advantages. The post emphasizes the importance of finding a SIEM that suits specific needs and offers effective threat detection capabilities.
Create and host a tunnel - Microsoft dev tunnels | Microsoft Learn
Create and host a tunnel - Microsoft dev tunnels | Microsoft Learn
Learn how to create and host a dev tunnel using Microsoft's devtunnel CLI tool. This article provides step-by-step instructions for installing the CLI on different operating systems, logging in, hosting a dev tunnel, and connecting to it. With dev tunnels, you can securely test and debug web apps and webhooks from anywhere.