cyzczy – WindowsTechs.com

vulnerability management 101

Posted on March 1, 2021 by cyzczy

Looking at a typical vulnerability scan report from Nessus or Qualys most people are terrified, lost, and basically with more questions than answers. For example, how on earth am I going to deal with all these findings? From what I was tau… Continue reading vulnerability management 101→

Vulnerabilities for multiple kernel versions that are installed on a given server

Posted on January 22, 2021 by cyzczy

As per Exclude or display vulnerabilities for non-running Linux kernels :

It is possible to have multiple kernels detected on a single Linux
host and Qualys will report all vulnerabilities found on all Linux
kernels.

Linux distributions … Continue reading Vulnerabilities for multiple kernel versions that are installed on a given server→

can vulnerabilities be treated differently based on ceratin circumstances? [duplicate]

Posted on December 9, 2020 by cyzczy

We are running vulnerability scans on our systems. I can see a few XSS vulnerabilities being reported, such as CVE-2020-14173. Let me quote:

The file upload feature in Atlassian Jira Server and Data Center in
affected versions allows remo… Continue reading can vulnerabilities be treated differently based on ceratin circumstances? [duplicate]→

crack MySQL323 hash

Posted on November 12, 2020 by cyzczy

I’m trying to crack a MySQL323 hash and I’m unable to get it done.
I was able to confirm tye hash type:

I came across https://www.tobtu.com/mysql323.php.
I can run it as "mysql323 32.exe" [number of threads] [hash] [keyspace-fil… Continue reading crack MySQL323 hash→

Log poisoning prevention in the context of LFI

Posted on November 11, 2020 by cyzczy

Back in the day, mostly, such injections were taking place over the
server log files. Such files are the Apache error log, the Access log
and more. Techniques like these have been used for years and,
hopefully, they won’t work on updated … Continue reading Log poisoning prevention in the context of LFI→

DLP event management without evidence [on hold]

Posted on September 19, 2019 by cyzczy

We do not have an allowance for evidence storage in our current DLP solution. Events are stored but they just provide details on how, when, what rule was triggered, data classification and that’s all.

What sense would it ma… Continue reading DLP event management without evidence [on hold]→

Windows registry debug

Posted on February 1, 2017 by cyzczy

Is there any way to monitor/debug changes made by an installation to the OS registry? I’m aware of Process Monitor but I look for something that I can
run in the background.

Continue reading Windows registry debug→

web applications available for testing?

Posted on January 13, 2017 by cyzczy

Is there any way to get hands-on experience with Web Application testing while not working as a tester? Are there any initiatives where people post their production and real-world apps for people to test them?

Continue reading web applications available for testing?→

Is is possible to modify the Alternate Data Stream (ADS) in MS Word with Protected View?

Posted on August 3, 2016 by cyzczy

Is it possible to modify the Alternate Data Stream (ADS) to prevent .docx to be opened in Protected View for files downloaded from Internet.

When is Protected View used?

Since Protected View is a read only view, we understand it … Continue reading Is is possible to modify the Alternate Data Stream (ADS) in MS Word with Protected View?→