infosec

Up and Running with Kali Linux and Friends

Redirects to legacy blog post. In this article I’ll go over getting Kali Linux installed and set-up. I’ll go over a few of the packages in a low level of detail (due to the share number of them) that come out of the box. On top of that I’ll also go over a few programmes I like to install separately. In a subsequent article I’d like to continue with additional programmes that come with Kali Linux as there are just to many to cover in one go.

Talk - What's Our Software Doing With All That User Input

At OWASP NZ Day: What are we doing with all the characters that get shoved into our applications? Have we considered every potential execution context?

Kali Linux Review

PenTest Magazine article by Kim.

Workshop - Security Testing with Kim Carter

At ANZTB: Hands-on insight into security testing. Kim will discuss some of the more common security vulnerabilities being found in today’s software implementations, and will demonstrate ways of testing them.

Running Wireshark as non-root user

Redirects to legacy blog post. This post is targeted at getting Wireshark running on Linux. If you’re a windows user, you can check out the Windows notes here.

Sanitising User Input from Browser part 2

Redirects to legacy blog post. Untrusted data (data entered by a user), should always be treated as though it contains attack code. This data should not be sent anywhere without taking the necessary steps to detect and neutralise the malicious code.

Sanitising User Input from Browser part 1

Redirects to legacy blog post. I was working on a web based project recently where there was no security thought about when designing, developing it. The following outlines my experience with retrofitting security. It’s my hope that someone will find it useful for their own implementation.

Using PSCredentials

Redirects to legacy blog post. I’ve been working on a small project that shuts down machines attached by network and of course power feed to an APC Smart-UPS. The code that was shutting down the guests required authentication to be passed to the receiving services.