When setting up and tuning a SIEM solution, you will write a lot of rules to detect well-known and arising … More Script to enumerate Windows events with name, ID, security monitoring recommendation, URL
Wireshark is a very useful tool for network troubleshooting, but also for Blue (discover attacks) and Red (sniff secrets) security … More Reading encrypted network traffic & why connection coalescing, session resumption and perfect forward secrecy help
ARP – the address resolution protocol – is responsible for translating IP addresses into MAC addresses. If your system wants … More Run ARP poisoning attacks with Metasploit and detect them with Wireshark
In the previous post I explained how to set up your Alfa WiFi adapter to perform security tests on your … More Easy steps for testing your WEP/WPA WiFi with aircrack-ng
For people in IT security who want to perform penetration testing on wireless networks, it is important to have a … More Get Alfa AWUS036ACH USB NIC running on Kali VM to attack wireless networks
People in IT security will most likely need to work and test with different operating systems, versions and software. Nowadays … More Understanding VirtualBox networking schemes to set up a good and safe lab
When working in lab environments or on a client’s system, the keyboard layout may differ from what you are used … More Switch keyboard layout via CLI on Linux
Compared to good old ASCII, the character set of Unicode seems endless. The challenge is of course to find the … More Converting Unicode into Characters in Word
Windows 10 has a very useful implementation of OpenSSH to build up secure tunnels to remote systems. Compared to a … More Using OpenSSH on Windows 10 and handling passwords
The Sysinternals suite is a toolkit that can be downloaded for free from the Microsoft website. Really all of the … More Threa[d|t] Analysis with Process Explorer