What are some tips for getting started in InfoSec?

Naturally curious people will have a great time learning about Information Security, as this vast field requires a breadth of knowledge on several subjects in many areas; e.g., physical, software, hardware, network… Self-teaching is extremely important, so get ready to do a lot of research and try things out for yourself. #1 – Universal Security […]


What is Kali Linux?

Kali Linux contains a large number of penetration testing tools from various niches of the security and forensics fields. Click here for a listing of Kali Tools.


What is Burp Suite?

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities. Burp Suite has a large array of features, including but not limited to: […]


What is CSRF or XSRF?

Cross-Site Request Forgery, usually abbreviated CSRF or XSRF, and sometimes pronounced like “sea surf”, is an exploit which takes advantage of the trusted relationship between a user’s browser and a web application. Essentially, given certain conditions, an attacker is able to trick a user into unknowingly performing a sensitive action (such as transferring money from […]


What is PCI?

Compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) helps to alleviate vulnerabilities and protect cardholder data. The PCI DSS applies to all entities that store, process, and/or transmit cardholder data. It covers technical and operational system components included in or connected to cardholder data. If you are a merchant who accepts or […]


A Nessus Example

This is part of a presentation I gave on running Nessus: In your browser, go to: https://127.0.0.1:8834. Enter the user name and password that you registered with on Tenable. Click log in. You will see the Nessus console page come up. Set up a new Policy for, as an example, Windows Vulnerabilities. Click on Policies, […]


Virtual Machines

VirtualBox emulates hard disks in one of three disk image formats: VDI (VirtualBox Disk Image): This format is the native file format for VirtualBox. VMDK: This open format is used by VMware products such as VMware Workstation and VMware Player. It stores data in one or more files bearing “.vmdk” filename extensions. A single virtual […]
