Collaborate Disseminate
I am trying to create an incident response scenario for training purposes.
Do you know any good sources of free training content that I can reuse to create the scenario?
I am thinking of a scenario where I will provide the participants wit… Continue reading Incident Response Training Scenario Ideas [closed]
I am trying to realize which is the best option to have somewhere installed vulnerable virtual machines and run them whenever you want for Pentest training or other cloudtesting purposes.
Maybe this is something like the TryHackMe platform… Continue reading What is the best way to spin up vulnerable machines for training purposes? [duplicate]
I am doing some research in order to select a commercial Penetration Testing Platform which can test Web Apps, Networks and Clients.
As a final stage, I want to incorporate this Penetration Testing Platform inside another platform custom p… Continue reading Opinions for the best Pentesting platform [closed]
Is it possible to install Certbot on Google Kubernetes Engine (GKE) for installing and renewing the SSL certificates on Load Balancers (LB) but with CAs other than Let’s Encrypt?
Continue reading Certbot on GKE for automating SSL certificates with CAs other than Let’s Encrypt
Is it possible to use Certbot for automating the renewal process of the SSL certificates with CAs other than Let’s Encrypt?
Is it possible to use an openssl command in order to check the cipher of an SSL Certificate on a live website?
For example to use something like:
openssl s_client -connect example.com:443 -crlf
The above command will return a lot of inform… Continue reading openssl command to verify the cipher of the ssl cert [migrated]
Is it possible to use any automated scanning tool in order to detect stored passwords in our internal wiki pages?
I found that in the past, the WordPress version 2.0.6 and earlier was vulnerable. The remote host fails to properly sanitize input to the tb_id parameter of the wp-trackback.php script before using it in database queries.
I … Continue reading Can the WordPress `wp-trackback.php` file introduce any security vulnerabilities?
Removing wp-config-sample.php file from the root of the WordPress application can be considered as a good security practice or it does not make any difference for security?
I am running a python script which performs a vulnerability scanning using the WPScan tool and the results are saved as a txt file localy.
Using that txt file I am not able to play with the results and crosscheck the with o… Continue reading Is it possible to export WPScan results in excel file making it as an excel report?