Finding and Accessing Open Internet Cameras and Routers

To use this trick we will use a very nice IP scanner called Angry IP Scanner, or Nmap itself if you prefer. It was based on a really awesome post from Hacoder, a blog that I follow and personally think very highly of. It pays to spend time browsing the pages of the site. Basically we…

Linux Hardening and Protection Tips

Ensuring the high availability of the applications and services on our networks and servers is an almost obligatory task today. We do not always work with a team focused on secure development or secure deployments, and this can end up opening breaches for malware, attackers, and other types of malicious attack vectors that may end up compromising…

Hardening and Best Practices in Apache Web Server

Basic Hardening and Best Practices in Web Server Security with Apache. Apache is a web server that is widely used in the web development industry because of its community, performance and easy configuration, yet by default it still leaves some gaps that can compromise the operation and security of your application. I'm going to…

Using ModSecurity Web Application Firewall: To Prevent SQL Injection and XSS using Blocking Rules

In the other post we showed how to install and configure ModSecurity in Detection Only mode, where we configured the tool to write several logs of possible attacks such as SQL Injection and XSS, among others. In this tutorial, I'll be demonstrating how to configure the ModSecurity security engine to adopt only rules…

Protecting Linux Apache from DoS and DDoS with Evasive Mod Module

Mod Evasive is one of my favorite Apache modules, along with Mod Security. It is a module designed to cache and handle high volumes of requests to the Apache server, increasing its load capacity and preventing a good deal of targeted DoS and DDoS attacks. By running a test with the SlowLoris tool on an…

Exploring SQL Injection via POST with SQLmap

SQLMap is a script that scans for SQL Injection flaws. We have already posted a lot of material on the subject on the blog, including how to identify these flaws manually and with automated scripts like Uniscan, Arachni, Nikto, etc. In addition, one of the first blog posts was about exploiting SQL Injection flaws via…