Tag Archives: auditing

Crack WordPress Password Hashes with hashcat How-To

Crack Wordpress Password Hashes with hashcat How-To | By default, WordPress password hashes are simply salted MD5 hashes. This is a piece of cake to crack by today’s security standards. hashcat is a great multi-threaded password hash cracker which can eat these hashes for dinner. I’ll show you how to crack WordPress password hashes!

Use Curl to Fetch ASP.NET Version Banner

Use Curl to Fetch ASP.NET Version Banner | The version of ASP.NET is sent in a banner with http requests and can be viewed with a curl command. I’ll show you how! X-AspNet-Version: 2.0.50727 To view this with curl, use tack capital I and fetch any url ending in .aspx. A random url ending in .aspx works as well: $ curl -I 10.112.12.67/asdfsaf.aspx

Troubleshooting SSH Server Logs and Error Messages

Troubleshooting SSH Server Logs and Error Messages | ssh logs can have various messages that are all difficult to interpret as the exact meaning is all based on the situation or circumstance. Below are some general tips to keep in mind if you run across any of these messages in your logs! Example 1 If you see this, someone is trying random logins

Open Source Auditing Tools

Open Source Auditing Tools | Here are various open source tools that are useful for security auditing! If you are a consultant, or an admin that just likes to be on top of his game, these are free open source tools that help audit the security level of workstations and servers in your environment. Note: These are by nature Linux-friendly

Test Your Server for SQL Injection

Test Your Server for SQL Injection | Q: What tools are used for testing for MySQL and other database injection vulnerabilities? The following are often used to automate testing for SQL injections by network and security admins: sqlmap – automatic SQL injection and database takeover tool Havij – automated SQL injection tool metasploit – security framework (Metasploit as you may be aware