5 Additional Hardening Steps When Creating a Secure Linux Pentesting Environment

So, you have decided to install a pentesting distro to enjoy functionality that would be unavailable on a live USB. The very first question that needs to be asked is “How do I keep myself secure?” In addition to some of the more obvious features of most pentesting distributions, such as full disk encryption, macchanger and anonsurf, there are some lesser-known ways to ensure your operational security. In 5 easy steps we will seek to automate some of the tediousness of making sure your box is secure.

Cuckoo Sandbox

Cuckoo Sandbox Setup Tutorial

The Cuckoo Sandbox is an automated malware analysis sandbox where malware can be safely run to study its behavior. The benefits of setting up a Cuckoo Sandbox are immense. Having a private, open source malware sandbox means that you can run any suspicious file without worrying about sensitive data being leaked to a public forum such as VirusTotal. Plus, this malware sandbox can be tailored toward your business security needs and tools. This guide will provide you with a basic installed and configured Cuckoo Sandbox to begin dynamically analyzing malware in a safe environment.

Intel Processor Kernel Memory Bug

Processor and Kernel Memory Bug

There are two new vulnerabilities called Meltdown and Spectre, with the latter affecting nearly every device in the world. That’s billions of devices.

Meltdown and Spectre have been known vulnerabilities for quite some time, but research teams had been under embargo. Details began to trickle out yesterday, and as a result of that trickle, there was a lot of speculation that led to many inaccurate assumptions about the full extent of the vulnerabilities and who and what was affected.