This article demonstrates how to use Fail2Ban to block IP addresses attempting to compromise a WordPress instance via the login process. In this walk-through, we’re using CentOS 7 and FirewallD. Just be aware that if you’re using a caching service like CloudFlare, you can’t use this method because you’ll block
Read more
This article demonstrates how to install the new Tsunami vulnerability scanner on a Redhat-like machine such as Fedora or CentOS 8 and how to use it including an example script to scan multiple targets or subnets. Install Java: yum install java-*-openjdk-devel Download the Tsunami ZIP from here: https://github.com/google/tsunami-security-scanner/archive/master.zip Extract the
Read more
This article demonstrates one way to get and crack Windows 10 passwords. All the steps are completed on Windows 10. The last step of running the hashes through the Rainbow attack process could be replaced with John (JtR). The tools we’ll use are: Windows 10 Pro samdump2 mimikatz https://crackstation.net Step
Read moreThis article demonstrates how to generate a CSR (certificate signing request) using OpenSSL. In the examples below, change the bold text to be correct for you. Generate the key file: openssl genrsa -out example.key 2048 && chmod 0600 example.key Create the config file as “/etc/httpd/example.csr.conf: [ req ] default_bits =
Read more
Trouble installing Windows 10 Updates? This article is for you. Visit the site: https://www.microsoft.com/en-us/software-download/windows10 … and click the “Update Now” button. The program that downloads helps you manually update Windows. Execute it and go through the Wizard. Warning, this takes your computer into a process of uninterruptible reboots and updates
Read more
This article explains how to install OpenVAS on Kali Linux. The difference between this method and others is the switch from “openvas” to “gvm” for naming/marketing. As you might have seen, I’ve written several articles on installing and using OpenVAS on CentOS. Don’t do it. Don’t go through the pain
Read more
This is a short article focused on helping you protect your wireless network from hackers. The AirCrack-NG suite is the most common set of tools used to crack wireless networks. For that reason, we’re focused on that suite for this article. Other tools need to deal with the same wireless
Read more
This article demonstrates how to crack a wireless network using the AirCrack-NG suite. Note that this will only work with WPA/WPA2 PSK wireless networks. That’s the limits of this generation of the AirCrack-NG suite. Only do this on a network that you own or are responsible for and have permission
Read more
This article is quick walk-through explaining how to install Bitwarden on Fedora 32 but should work on CentOS 7 and 8 as well as RHEL. Install the docker packages: yum install docker docker-compose systemctl enable docker systemctl restart docker Download the Bitwarden scripts: curl -Lso bitwarden.sh https://go.btwrdn.co/bw-sh chmod +x bitwarden.sh
Read more
This article shows how to install and run Nmap using the Vulscan add-on to do vulnerability assessments. Download Nmap: yum install nmap Install the Vulscan.nse script: /usr/share/nmap git clone https://github.com/scipag/vulscan vulscan Run a scan targeting the machine (in this example) “192.168.4.250”: nmap -sV –script vulscan/vulscan.nse 192.168.4.250 My output looks like
Read more