Amateur Security Archaeologists, trying not to break things.

Tag: Lab

Adventures in Zeek – Background and Setup

My studies with SANS revealed a lot of open source tools that I find amazing. One of those is Zeek (formerly Bro) IDS. While I have enjoyed and been enriched by my studies of SiLK, Snort, Suricata, Tshark and TCPDump, Zeek is the tool that jumps out to me as the one offering the greatest potential to learn about and explore networks.

In this blog entry, we’re going to create a single-node Zeek sensor on our virtual host and turn it loose monitoring the network tap we have between our Core switch and the ESXi host. I am starting with Ubuntu 20.04 again, a minimal install, so we can get up and running and have some consistency with the ELK host we are also running. I know lots of distributions run these applications on CentOS/RedHat as well, and there are plenty of good blogs on installing it for yum/RPM based distributions, but we’ll stick with my feeble limitations for now 😉


Scanning for Vulnerabilities with Arachni

Web application vulnerability scanners are big business. A quick search of alternatives will show you that there are literally hundreds of open source and commercial scanners, and all of them offer varying coverage of the vuln space as well as functions that extend into different phases of the Pen Test Kill Chain. As is the case with any trend in security, this explosion in the market is a symptom of something else entirely – web applications are by their very nature easy to access and popular for hackers to exploit. The payoff for a successful breach or compromise is massive.


BYOT (Bring Your Own Target)

Sorry readers – pen testing is far from a prescriptive field. A good deal of fun can be had, but there is an element of choose your own adventure here that means you’re going to have to continually adjust your plans and ensure you are meeting your needs, be they training or job specific. One of the most awesome aspects of the field is how many tools are published that can help you out! The hacking community is pretty collaborative, so there has been a plethora of tools out there for many years that evolve, receive updates, and see some pretty vibrant extensions and support.


CCIE Security Perspective

Hello folks! I am often asked about CCIE Security preparation. As a disclaimer, you should know I took the “Latin” version of the exam with Blueprint version 4 (ISE 1.1, legacy IPS, pre-8.2 ASA code, and absolutely nothing cool like Firepower or AMP), so with the release of version 5, things have certainly become much more relevant. That being said, a lot of the prep resources remain the same. I have started re-using the same base email and scrubbed it for aged-out links (believe it or not I used to have more). I hope this helps someone.

Setting Up a Web Pen Test Lab

Mike here – I am going to pull some tidbits from the Mastering Kali for Web Pen Test book to help get things rolling – we’ll mix up the content between topics, but I wanted to give you something to chew on 😉

So you are probably asking, when can we have some pen testing fun? Let’s just say soon. We have to establish a safe yet representative environment that can provide ripe targets for the various tests we’d like to run. We also want to push the limits without impacting the performance of some real production applications or their underlying systems or supporting networks. As variety is the spice of life, it also holds true in penetration testing.
