Tutorials Archives - Page 2 of 3 - The Insecurity Matters Blog

Installing Damn Vulnerable Web Application (DVWA) Using XAMPP in Kali Linux

In order to learn web app exploitation safely (and legally), it is useful to have practice applications to run on your local environment. Damn Vulnerable Web Application (DVWA) was created for just this purpose. DVWA contains many common web vulnerabilities such as SQL injection, XSS, and more that allow you to hone your web hacking... Continue reading

Security Onion Set Up Part 4: Tuning

Once data starts flowing through the sniffing interfaces you are going to be presented with a lot of false positives. It’s essential to reduce the number of false positives because the identification of real indicators can become next to impossible and your hardware will thank you. When I fired up Security Onion on Ubuntu 16.04... Continue reading

5 Additional Hardening Steps When Creating a Secure Linux Pentesting Environment

So, you have decided to install a pentesting distro to enjoy functionality that would be unavailable on a live usb. The very first question that needs to be asked is “How do I keep myself secure?” In addition to some of the more obvious features of most pentesting distributions, such as full disk encryption, macchanger... Continue reading

Security Onion Set Up Part 3: Configuration of Version 14.04

Before we begin configuring Security Onion, it’s a good idea to get an Oinkcode from snort.org if you’re going to use Snort. Snort can also use the Emerging Threat rulesets. There are three options available to obtain an Oinkcode. Community Edition – the rules are updated every 30 days, no support – FREE Personal – the... Continue reading

The Dangers of Unsecured Amazon S3 Buckets and How to Find Them

In the world of Infrastructure-as-a-Service, Amazon Web Services have established themselves as a king with their “only pay for what you use” business model. Their affordable services are scale-able to fit any need, from a hobbyist that wishes to create a website all the way up to large multi-national corporations. One of Amazon Web Services... Continue reading