Pentester’s suitcase: Identifying OS on remote host

As you are aware, any penetration test starts from information collection. You have to find out what operating system is running on the remote host, and only then you can start looking for vulnerabilities in it. This article presents seven useful tools used inter alia for OS detection and explains their operation principles.

Read full article →


DoS attacks on ModSecurity: Exploiting critical bug in popular WAF

A critical vulnerability resulting in a denial-of-service error has been recently discovered in ModSecurity, a popular web application firewall (WAF) for Apache, IIS, and Nginx. The bug is truly severe: not only does the library stop working, but applications using it as well. Let’s see what was the mistake of the ModSecurity developers and how we, ethical hackers, can exploit this vulnerability in our penetration tests.

Read full article →


The deplorable four. Testing free antiviruses: Huorong, Preventon, Zoner, and FS Protection

Today, I am going to battle-test four antivirus programs: a British one, a Chinese one (featuring an original engine), a Finnish one, and an exciting Czech project at the beta-version stage. All of them are free and offer extra protection features aside from the basic system scan. Let’s pit the new antiviruses against hordes of trojans and worms I prepared for them!

Read full article →