5 Additional Hardening Steps When Creating a Secure Linux Pentesting Environment

So, you have decided to install a pentesting distro to enjoy functionality that would be unavailable on a live usb. The very first question that needs to be asked is “How do I keep myself secure?” In addition to some of the more obvious features of most pentesting distributions, such as full disk encryption, macchanger and anonsurf there are some lesser known ways in which to ensure your Operational Security. In 5 easy steps we will seek to automate some of the tediousness of making sure your make sure your box is secure. (more…)

The Dangers of Unsecured Amazon S3

The Dangers of Unsecured Amazon S3 Buckets and How to Find Them

In the world of Infrastructure-as-a-Service, Amazon Web Services have established themselves as a king with their “only pay for what you use” business model. Their affordable services are scale-able to fit any need, from a hobbyist that wishes to create a website all the way up to large multi-national corporations. One of Amazon Web Services most popular services, their S3 Simple Storage Service, when configured improperly, can quickly turn from a valuable asset, into a serious security vulnerability. (more…)