Security

YADM (Yet Another Dotfiles Manager) & Keybase

I use multiple Mac workstations to manage all my systems and services (AWS infrastructure, Kubernetes) so it is a challenge to manage the keys and…

GoLang Exercism

Not like the spitting up green pea soup exorcism but Exercism.io, one of many great resources for learning programming languages by solving actual…

Circuit Simulator Applet - falstad.com

This is a very cool little app that I found after listening to Security Now Episode 233: Let’s Design a Computer. Some of the basic circuits were hard to…

Easy Automated Web Application Testing with Hudson and Selenium » Vitamin Features »

• It checks our Subversion repository every hour to see if anyone has…

Mac OS X Security Configuration Guides -Apple.com

The guides are designed to give instructions and recommendations for securing Mac OS X and for maintaining a secure computer.

Wfuzz - A Tool for Bruteforcing/Fuzzing Web Applications | Darknet - The Darkside

| Wfuzz - A Tool for Bruteforcing/Fuzzing Web Applications | Darknet - The Darkside | Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked directories, servlets, scripts, etc, bruteforce GET and POST parameters for checking different kind of injections SQL, XSS, LDAP,etc, bruteforce Forms parameters User/Password, Fuzzing,etc.

As heard on the pauldotcom.com podcast.

Maltego - Paterva: A new train of thought

These entities are linked using open source intelligence.

Apache .htaccess tweaking tutorial at Vortexmind

| Apache .htaccess tweaking tutorial at Vortexmind: free your mind | In this tutorial we are going to improve our website by tweaking out the .htaccess file. Why I wrote this article? Because on the net I have found many articles about this little beast, but every one of them dealt with a specific issue and not look at the overall usage of these files, or they are just too big when you need to do a thing in little time. So I’m trying to collect all the useful bits of data in a monolithic but slim tutorial, which will be updated as I collect more information. But first, let’s see what .htaccess file is…

SANS Technology Institute: Interview with Charles Edge

It seems like Ive been interested in security since I started playing with computers. It was always about trying to push the limits of what could be done.

macosxhints.com - OS X VPN client and Cisco ASA

Problem: A Cisco ASA or PIX firewall can be a VPN server, but a basic VPN configuration will not allow the default OS X L2TP/IPSec client to connect, even…

Terminal Services Setup Guide (2003)

| Learn the best way to batten down the hatches on your servers without going too far. | by Kenton Gardinier for ftponline.com | Windows Server 2003 Terminal Services in terminal server mode can be run in either the Full Security or Relaxed Security compatibility mode to meet your organization's security policy and application requirements. Full Security mode was created to help lock down the terminal server environment to reduce the risk of users mistakenly installing software or inadvertently disabling the terminal server by moving directories or deleting Registry Keys. This mode can be used for most certified terminal server applications. | Read more.

Top 75 Security Tools

Respondents were allowed to list open source or commercial tools on any platform. Commercial tools are noted as such in the list below. Many of the…

Block SSH script attacks

Looks like someone is trying to break into your machine and you’d be right. It’s more than likely a script or robot just knocking on your door, but you…

Email "Spamming" and Email "Spoofing"

Here is a snip of a great article explaining Virus Spoofing from www.lse.ac.uk:…

Destroy Spyware

I have yet to find an application that detects adware and spyware before it’s installed on your PC, so my recommendation is not to pay for adware/spyware…

Mac OS X Security Advisory

| Mac OS X Security Advisory | Vulnerability: | Malicious DHCP response can grant root access

| Affected Software | Mac OS X 10.3 (all versions through at least 26-Nov-2003) | Mac OS X Server 10.3 (all versions through at least 26-Nov-2003) | Mac OS X 10.2 (all versions through at least 26-Nov-2003) | Mac OS X Server 10.2 (all versions through at least 26-Nov-2003) | Probably earlier versions of Mac OS X and Mac OS X Server | Possibly developer seeded copies of future versions of Mac OS X

Securing Apache by securityfocus.com

Part one on a series of articles by the good people at securityfocus.com about creating a somewhat safe presence on the web.

Securing MYSQL by securityfocus.com

Part three and the final installment, so far, in securing your web server by the crew at securityfocus.com.

Securing PHP by securityfocus.com

Part two in the series of articles by the folks at securefocus.com about securing your web server.