Category: Security

Windows PowerShell cmdlets to secure PSCredential Objects

March 26, 2016

I have previously discussed securing credentials using Windows Powershell atPowershell: Securing credentials using the PSCredential class. In this article, I will discuss a number of cmdlets I have created to secure credentials using a Advanced Encryption Standard (AES) encryption key to retrieve the content from a encrypted standard string. As I am using an encryption … More Windows PowerShell cmdlets to secure PSCredential Objects

Identifying applications vulnerable to the Sparkle MiTM attacks

February 11, 2016

As recently disclosed (https://vulnsec.com/2016/osx-apps-vulnerabilities/) you may be already be aware of a vulnerability in Sparkle that exposes a large number of applications to man-in-the-middle (MiTM) attacks over insecure HTTP channels. In order to identify Applications that are susceptible to MiTM attacks that install malicious code in the Sparkle software framework invoke the below from a … More Identifying applications vulnerable to the Sparkle MiTM attacks

Generating certificate requests with additional subject identities using OpenSSL

January 17, 2016

The below provides steps to how the process used to create a certificate request to issue to certificate authority server in an internal environment. However, the steps to create the certificate request can be performed if submitting a certificate request to a third party certificate authority. Firstly, I will create a configuration file (openssl.cnf) to … More Generating certificate requests with additional subject identities using OpenSSL

Installing Guest Additions for a Kali Linux guest in VirtualBox

December 16, 2015

In order to install the guest additions within a Kali Linux guest using Oracle VM VirtualBox to optimise the guest operating system for better performance and usability, there is a requirement to install the kernel header files. In order to perform the above we can invoke the following from the terminal: Now we can attach … More Installing Guest Additions for a Kali Linux guest in VirtualBox

Updating repository lists and keyrings for Kali Linux on Amazon Web Services

December 9, 2015

I was recently launching an instance of Kali Linux (1.0.6 | 64-bit Amazon Machine Image (AMI) | Updated: 10/10/14) in Amazon Web Services and as the image only provides the Kali package repository (as per the description”bare-bones”) I was looking to install the complete system (apt-get install kali-linux-full) from the available packages. However, on invoking the installation of … More Updating repository lists and keyrings for Kali Linux on Amazon Web Services