Ask most people in security what Identity and Access Management is and they’ll give you a reasonable answer. Something about users, permissions, and making sure the right people have access to the ...

I’ve been using Nginx Proxy Manager to handle SSL certificates for my Docker containers, which works great. NPM grabs certificates from Let’s Encrypt via DNS challenge, and everything just works. B...

Building test environments has always been a pain point for security researchers and IT professionals. Manually spinning up virtual machines, configuring Active Directory, joining domain members, a...

Vagrant gives you a simple and repeatable way to build and manage virtual machines through code. It removes the manual setup work and lets you recreate whole environments with a single command. I ...

Host Enumeration As usual, we begin with an nmap scan to identify listening services. 22: ssh 80: http Using the ports we can look deeper and verify the software versions: 22: OpenSS...

Hello Everyone, Recently at work, I needed to quickly configure IP addresses and VLANs. This is a quick page as a cheat-sheet on how you can apply the configuration on debian-based (perhaps more a...

Today I received positive news! In 2020 I finished off my masters degree with my master thesis pursuing research in the IoT space regarding machine learning network intrusion detection systems. I ...

Host Enumeration As standard with HackTheBox, our approach is to identify services that are runnin gon the host. To do this, we’ll perform a port scan with nmap, followed by a service version ...

Zico 2 is rated as an intermediate level box created by @rafasantos5 posted on VulnHub. This writeup will detail the steps that I have tried and used to get root access of the target host. The sce...

I decided to do the masters program at Edinburgh Napier University straight after completing my undergraduate degree – Cybersecurity and Forensics also at Napier. I felt that there were some areas ...