Fail2ban for WordPress

fail2ban is a utility that can be used to protect a server or website from brute-force attacks by blocking the IP address of the attacker after a certain number of failed login attempts. If you want to use fail2ban to protect your WordPress website, you can do so by installing and configuring the fail2ban software … Read more

Automated Network Penetration Testing Tool – SPARTA by SECFORCE

Introduction: If you ever participated in CTF or trying to crack up some machines on-site like hackthebox you will know what amount of effort goes into initial scanning and enumeration to get you headed on possible advancement on your kill chain. For example, starting a Nmap scan to running Nikto and eventually being able to … Read more

Lynis (How to find vulnerabilities and harden a Linux system)

Introduction: In the security industry, there is so much emphasis on Windows server and workstation security with thousands of security products dedicated to finding vulnerabilities and hardening servers. A few products that we have in the market are Nessus,  Nexpose, and OpenVAS, one may say they do support Linux and I agree entirely, but they … Read more

Honeytokens (Canary Tokens). What is it? And How it works? Detect Insider Threat

What are Honeypots: We all are familiar with the concept of honeypots and their importance in a corporate environment. If you are not aware honeypots are deployed across the network in order to detect the intruder in the network. Honeypots are the system that contains detective and alerting features with some intended vulnerability to attract … Read more

Disassembling ransomware decryption tool What’s inside the decryption tool? How does the decryption tool work? Ransomware Recovery

Intro Ransomware attacks are on rising and becoming more sophisticated. Companies without little to no backup plan, struggle the most. As we know with ransomware attacks comes encryption. And it is a real pain to decrypt any files without a key. So that kept me thinking, how is this decryption tool able to handle the … Read more

Monitor full network traffic with Arkime aka. Moloch

Monitoring the corporate network is a crucial part to safeguard the network against malicious threat actors. One may argue that there are IDS and IPS to detect malicious traffic on the network. Those advanced security devices can indeed be useful but one cannot see the full picture of the network. For example, IDS and IPS … Read more

AWS Security Audit – Scout2 for Security Auditing on your AWS Infrastructure

The cloud platform is a way to go for most companies today. With all the advantages like scalable, redundant, fault-tolerant, and highly available infrastructure, the cloud seems like a way to go for when thinking of long term growth. Let’s not go to the overly discussed topic of cloud vs on-primes infrastructure. Security should be … Read more