ssh

Holistic Info-Sec for Web Developers

A three-part book series focused on lifting the security knowledge of Software Developers, Engineers, and their teams, so that they can continuously deliver secure technical solutions on time and within budget, without nasty surprises. The first book is complete; the second book is content complete and currently in technical review.

Workshop - Web Developer Quiz Night

Attacking a set of carefully curated questions around info-sec, white hat, black hat, attack and defense.

Workshop - Holistic Info-Sec for Computer Science Students

This time for the students of the University of Canterbury. An exploration into an insightful set of steps Kim has learned, from an architectural, engineering and penetration testing perspective. Based on the content of volumes 0 & 1 of Kim’s new book “Holistic Info-Sec for Web Developers”.

Workshop - Holistic Info-Sec for Web Developers

Hackers On Planet Earth (HOPE) conference in New York City. An exploration into an insightful set of steps Kim has learned, from an architectural, engineering and penetration testing perspective. Based on the content of volumes 0 & 1 of Kim’s new book “Holistic Info-Sec for Web Developers”.

Workshop - Tools, Password Profiling, Brute Forcing

Kim will take ISIG through the [collection of tools](https://f0.holisticinfosecforwebdevelopers.com/chap05.html#tooling-setup) added and configured on his penetration testing machine used throughout his book series ([Holistic Info-Sec for Web Developers](https://www.holisticinfosecforwebdevelopers.com)). Kim will then profile a well-known celebrity’s password, creating a short-list, then (on-line) brute force their login. Come along, it’ll be fun.

Talk - Password Profiling, Brute Forcing

Kim talks with his fellow Toastmasters about profiling people’s passwords and then brute forcing web applications with the shortlist of guessed passwords.

Installation and Hardening of Debian Web Server

Redirects to legacy blog post. These are the steps I took to set up and harden a Debian web server before it was placed into a DMZ and underwent additional hardening before opening the port from the WWW to it. Most of the steps below are fairly simple to do, and in doing so, remove a good portion of the low-hanging fruit for nasty entities wanting to gain a foothold on your server-network.

Establishing your SSH Server’s Key Fingerprint

Redirects to legacy blog post. When you connect to a remote host via SSH that you haven’t established a trust relationship with before, you’re going to be told that the authenticity of the host you’re attempting to connect to can’t be established.

OpenSSH from Linux to Windows 7 via tunneled RDP

Redirects to legacy blog post. In this article I’ll go over getting Kali Linux installed and set up. I’ll go over a few of the packages that come out of the box in a low level of detail (due to the sheer number of them). On top of that I’ll also go over a few programmes I like to install separately. In a subsequent article I’d like to continue with additional programmes that come with Kali Linux as there are just too many to cover in one go.

rsync over SSH from Linux workstation to FreeNAS

Redirects to legacy blog post. I’ve been intending for quite some time to set up an automated or at least a thoughtless one-click backup procedure from my family members’ PCs to a file server. Now if you put files/directories in the place where we are going to rsync to, and run the command we’re going to set up, those new files/directories will be deleted.