Pen Test Lab – 2. Passive Information Gathering
In an information gathering endeavor, the pen tester locates publicly available information related to the target and seeks ways that could be exploited to get into the systems. There are…
The Acunetix vulnerability scanner license is counted by the number of targets. Once you have consumed your target count, you won't be able to add a new target to your scanner to do another scan.…
Here are some of my collections from the Internet about threat hunting tools, information and resources. Steps to Scan and Fix your System 4.1 Download Malwarebytes Double click on the installer…
This post summarizes some security incident investigation steps using DarkTrace. Investigation methodology: Any incident responder will always begin by asking some high-level questions concerning the incident under investigation…
One of my servers has been found to have two urgent (severity 5) vulnerabilities. The Qualys scan report does give lots of details about those vulnerabilities, such as solutions, patches, links etc. Applied…
It was interesting during one of our vulnerability scans. There are lots of machines listening on port 12345, and it does have lots of connections on it. Also, PID is…
Recently, during a vulnerability scan, an RC4 cipher was found in use on the SSL/TLS connection at port 3389. The solution in the Qualys report is not clear on how to fix it.…
More and more websites are using a CDN (Content Delivery Network) to help deliver their content to end users. It is faster, safer and more reliable. At the same time,…
Here are some scripts and methods to do remote troubleshooting or run some commands on remote machines. I found they are very useful, especially in an enterprise environment if you…
The Microsoft Sysinternals tool Sysmon is a service and device driver that, once installed on a system, logs indicators that can greatly help track malicious activity in addition to helping with…
There are a number of different ways to find out which process is sending TCP/UDP traffic on computer systems, but not many for ICMP traffic. Here is a…
As long as your web application is published on the Internet, one day it will face scanning by hackers. There is no 100% security and you always want to find out the…