scan – Page 3 – WindowsTechs.com

How can an attacker identify if a website is using PHP? How about the PHP version?

Posted on June 23, 2021 by Jan Küfner

I have a vulnerable test site up that runs PHP.
How can an attacker identify that PHP is used?
if I type …/add.php the site gives back an error message, although the file is add.php.
If I type …/add the site runs.
Maybe I can inject co… Continue reading How can an attacker identify if a website is using PHP? How about the PHP version?→

Contrast Announces the First Breakthrough in SAST in 15 Years

Posted on June 10, 2021 by Mahesh Babu

Traditional Scanning Tools Can’t Keep Up
The post Contrast Announces the First Breakthrough in SAST in 15 Years appeared first on Security Boulevard.
Continue reading Contrast Announces the First Breakthrough in SAST in 15 Years→

How can be telnetd vulnerable on OpenSSH 8.4 OpenBSD Systems?

Posted on June 3, 2021 by

I have OpenBSD server with OpenSSH 8.4 (protocol 2) on my virtual machine installed.
Nmap-Scan shows that there is CVE-2001-0554 vulnerability.
My question: this vulnerability is in telnetd damon. I do not understand how it is possible, as… Continue reading How can be telnetd vulnerable on OpenSSH 8.4 OpenBSD Systems?→

Does it make sense to perform vulnerability assessment tests with admin user rights?

Posted on May 9, 2021 by max

We have an admin web portal that we use to configure and monitor our system We recently had a security consultant scan our servers for vulnerabilities.
Our admin portal is secured with username and password authentication and with two-fact… Continue reading Does it make sense to perform vulnerability assessment tests with admin user rights?→

Scan entire network for connected devices (unknown Subnet)

Posted on March 26, 2021 by Killom

How to search an entire network for connected devices? I am interested in finding misconfigured or unconfigured (default configuration) devices. I’m not on site, so I can’t just look in the network rack. I have access to the production sys… Continue reading Scan entire network for connected devices (unknown Subnet)→

What is a nmap nse scan? [closed]

Posted on March 24, 2021 by Zaidtheitgeek

I am currently studying nmap. Can someone explain what is an NSE and its purpose?

Continue reading What is a nmap nse scan? [closed]→

Scanning developer dependency for OSS scan

Posted on March 23, 2021 by Harsh Vishwakarma

I have a angular project which has several packages that have direct dependencies and developer dependencies like below
"dependencies": {
"@angular/animations": "8.2.14",
"@angular/cdk": "8.2.3&… Continue reading Scanning developer dependency for OSS scan→

If a file has previously been scanned by VirusTotal, will the VirusTotal website always indicate this fact?

Posted on March 10, 2021 by RockPaperLz- Mask it or Casket

I recently downloaded a very popular open-source application. Usually, I compile open-source applications myself after reading the source code. But my compiler box was busy with many tasks, so I decided to download the pre-compiled execu… Continue reading If a file has previously been scanned by VirusTotal, will the VirusTotal website always indicate this fact?→

Scanning directory with YARA python

Posted on March 10, 2021 by vulnerableuser

Stuck with this problem for some time now.
I am scanning a directory with my own yara rules, it works when I tried my code for a single file, but when I use the same code on a for loop, it doesn’t match anything.
I’ve tried searching my pr… Continue reading Scanning directory with YARA python→

Estimate the number of host computers on the private network by port scanning

Posted on January 16, 2021 by Meysam

If we have a private network connected to the Internet with NAT, how can an attacker estimate the number of host computers in network using port scanning?
For both possible modes, the attacker inside and outside the private network.

Continue reading Estimate the number of host computers on the private network by port scanning→