SRC漏洞思路分享:通过 OneForAll 挖掘子域,发现与修复云存储“列桶/暴露”风险
SRC漏洞思路分享:通过 OneForAll 挖掘子域,发现与修复云存储“列桶/暴露”风险
OneForAll 是一款用于子域收集的开源工具,能帮助安全团队发现未管理的外部资产并进行风险评估。文章介绍了其安装和使用方法,并强调在合规和授权的前提下进行安全评估与修复建议,避免提供未授权入侵的细节。同时,提醒用户在进行渗透测试时需获得明确授权,并优先使用专业安全工具。
Installing OpenVAS on Kali Linux. OpenVAS, an endpoint scanning… | by Hassen Hannachi | Medium
Installing OpenVAS on Kali Linux. OpenVAS, an endpoint scanning… | by Hassen Hannachi | Medium
OpenVAS is an endpoint scanning tool used to identify vulnerabilities in systems. To install it on Kali Linux, ensure the system is updated, then install OpenVAS using specific commands. The setup process involves downloading vulnerability definitions and creating an admin account. Users can verify the installation and manage scanning tasks through a web interface. The guide also covers configuring scan targets, adjusting scan settings, and managing user credentials, emphasizing the importance of effective vulnerability scanning in today's increasingly connected environments.
How to configure a SSL-VPN with certificate authentication on a Fortigate
How to configure a SSL-VPN with certificate authentication on a Fortigate
This guide details the steps to configure an SSL VPN with certificate authentication on a Fortigate device, using OPENSSL to generate the necessary CA and certificates. Key steps include generating a root certificate, creating server and client certificate signing requests (CSRs), signing the CSRs, and importing the certificates into the Fortigate. The guide also covers configuring PKI users, SSL-VPN settings, and troubleshooting commands.
Checklist for Fortigate admin access over SSL-VPN
Checklist for Fortigate admin access over SSL-VPN
The checklist for Fortigate admin access over SSL-VPN includes ensuring trusted hosts are configured, allowing access on the interface, establishing a firewall policy from the SSL-VPN interface to the LAN, and verifying the routing table for proper connectivity. Specific configuration commands are provided for each step to facilitate the setup process.
4 tabletop exercises every security team should run | CSO Online
4 tabletop exercises every security team should run | CSO Online
Security teams should run tabletop exercises to prepare for ransomware, third-party risks, insider threats, and distributed denial-of-service (DDoS) attacks. These exercises help identify vulnerabilities, improve response strategies, and ensure compliance with regulatory requirements. Key questions for each scenario include data encryption, partner vetting, insider threat detection, and DDoS mitigation plans. Regularly conducting these exercises with relevant stakeholders, including legal and communications teams, enhances overall cybersecurity readiness.
ired.team 红队笔记 渗透测试备忘单
ired.team 红队笔记 渗透测试备忘单
这篇文章是关于渗透测试备忘单和红队笔记的。它包含了各种命令和技术,如检查Powershell日志记录、检查WinEvent日志中的SecureString泄露、审计政策、检查LSASS是否在PPL中运行等。此外,还包括了一些利用技术,如二进制利用、破解ZIP密码、设置简单的HTTP服务器等。文章还提供了一些有用的命令和工具,如MySQL用户定义功能提权、Docker权限提升、重置root密码等。最后,还提供了一些网络工具和技术,如端口转发、SSH隧道、文件传输协议等。
Incident-Response-Powershell 应急响应脚本
Incident-Response-Powershell 应急响应脚本
这篇文章介绍了一个名为"Incident-Response-Powershell"的应急响应脚本,可以帮助响应Windows设备上的网络攻击。脚本包括收集Windows事件、安全事件、即插即用设备、本地管理员等信息,并可以将取证文物导出为CSV文件以进行SIEM导入。文章还提供了脚本的下载地址和效果图。
AC-Hunter™ Community Edition - Active Countermeasures
AC-Hunter™ Community Edition - Active Countermeasures
AC-Hunter™ Community Edition is a free version of AC-Hunter that provides threat hunting functionality with some limitations. It offers the same powerful threat hunting analytics and network insights as the paid Enterprise Edition. Users can choose between an install script or a VMWare virtual image based on their specific use case. AC-Hunter Enterprise and AC-Hunter Community Edition are compared in a chart, and users are also directed to other threat hunting tools.