Reduce Web Page Load Times and Improve Privacy Control

You can use a cache server for a small to medium-sized business no matter the industry or for whatever you would like. A DNS cache doesn’t have to be high maintenance or a menace to other people and organizations as long as you take certain precautions in the configuration. My reasons for creating a DNS […]

DVWA Part 2: Exploiting Cross-Site Scripting (XSS) Vulnerabilities

For the second installment of our DVWA series, we are going to look at cross-site scripting (XSS) vulnerabilities and how to exploit them in our Damn Vulnerable Web Application. If you missed part one of this series that shows you how to set up DVWA, you can check it out here. What is XSS? Cross-site scripting […]

Installing Damn Vulnerable Web Application (DVWA) Using XAMPP in Kali Linux

In order to learn web app exploitation safely (and legally), it is useful to have practice applications to run on your local environment. Damn Vulnerable Web Application (DVWA) was created for just this purpose. DVWA contains many common web vulnerabilities such as SQL injection, XSS, and more that allow you to hone your web hacking […]

Security Onion Set Up Part 4: Tuning

Once data starts flowing through the sniffing interfaces you are going to be presented with a lot of false positives. It’s essential to reduce the number of false positives because the identification of real indicators can become next to impossible and your hardware will thank you. When I fired up Security Onion on Ubuntu 16.04 […]

5 Additional Hardening Steps When Creating a Secure Linux Pentesting Environment

So, you have decided to install a pentesting distro to enjoy functionality that would be unavailable on a live usb. The very first question that needs to be asked is “How do I keep myself secure?” In addition to some of the more obvious features of most pentesting distributions, such as full disk encryption, macchanger […]