SPLUNK http://localhost:8000/ Architecture: Splunk is Log aggregation software that indexes the data that comes in from multiple channels which gets indexed into appropriate fields. This will allow you to query on top of the datasets in order to gather insight on your IT infrastructure so that you are able to troubleshoot incidents and problems extremely […]
Monthly Archives: February 2016
What is HITRUST?
HITRUST: The Health Information Trust Alliance, or HITRUST, is a privately held company located in the United States that, in collaboration with healthcare, technology and information security leaders, has established a Common Security Framework (CSF) that can be used by all organizations that create, access, store or exchange sensitive and/or regulated data. The CSF includes […]
How to respond if the employer offers a salary that is below your salary range
The employer offers a salary that is below my salary range. “I am very excited about being part of your team, but according to my research the salary is below the ongoing salary market. Would your budget permit $55,000 instead of $50,000?” “I am really looking forward to being part of your organization, and I […]
What is the Social-Engineering Toolkit (SET)?
The Social-Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed. This tutorial uses a clone of the target website, in […]
IPV4 Header
The IPV4 Header. The artist of these precise drawings is Matt Baxter. I found these images back in 2010 while I was still a student at NYU. All credit to Matt Baxter.
What is a penetration test?
A penetration test simulates the actions of an external and/or internal cyber attacker that aims to breach the information security of the organization. Using many tools and techniques, the penetration tester (ethical hacker) attempts to exploit critical systems and gain access to sensitive data.
What is a vulnerability assessment?
A Vulnerability Assessment is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure. Vulnerability assessments are performed by using an off-the-shelf software package, such as Nessus or OpenVas to scan an IP address or range of IP addresses for known vulnerabilities. In addition, vulnerability analysis can […]
What’s the difference between a POST and a GET?
Two commonly used methods for a request-response between a client and server are: GET and POST. GET – Requests data from a specified resource POST – Submits data to be processed to a specified resource Some other notes on GET requests: GET requests can be cached GET requests remain in the browser history GET requests […]
What’s the difference between Diffie-Hellman and RSA?
Diffie-Hellman is a key-exchange protocol, and RSA is an encryption/signing protocol.
How exactly does traceroute/tracert work at the protocol level?
There are three main primary objectives of traceroute tool. These objectives fulfilled by traceroute gives an insight to your network problem. traceroute hacktress.com The entire path that a packet travels through Names and identity of routers and devices in your path Network Latency or more specifically the time taken to send and receive data to […]