System Administration & Configuration

Ansible Installation on Debian 9 Stretch Linux from Source

Objective The following guide describes simple to follow steps on how to install the latest version of the open-source automation engine Ansible. Operating System and Software Versions Operating System: - Debian Stretch 9 Requirements Privileged access to you Debian Linux system will be required. Difficulty EASY Conventions
Read More...

Manage Vim Plugins With Pathogen

Introduction There's no denying that Vim is awesome on its own. It provides users with unprecedented configuration potential and quick, powerful commands. That said, Vim can get even better with the use of plugins. There are hundreds of plugins that can seriously amp-up your Vim installation. Many of them are tailored for specific uses, like programming in a certain language or even writing. Others are more general and enhance Vim's existing capabilities. Whichever it is that you need, you're...
Read More...

How to install latest Firefox Browser on Debian 9 Stretch Linux

Objective Debian Linux comes with Firefox ESR (Extended Support Release) version, which in some rare scenarios may not adequately fit your needs. The objective is to replace the Debian's default Firefox ESR with the latest bleeding edge Firefox. Operating System and Software Versions Operating System: - Debian 9 Stretch Requirements Privileged access to your Debian Linux system will be required. Difficulty EASY Conventions
Read More...

Tweet From the Linux Command Line With Rainbow Stream

Introduction Rainbow Stream allows you to manage just about every aspect of your Twitter account from the command line. Yes, you did read that right. It's a full featured command line Twitter client written in Python. Chances are, you're falling into one of two camps right about now. If you're in the slightly insane one that thinks this is a good idea, stay tuned. Rainbow Stream actually does provide an simple and intuitive Twitter experience from the Linux command line. Prerequisite Packages...
Read More...

Learn Burp Suite on Kali Linux: Part 4

Introduction It's important to remember that Burp Suite is a software suite, and that's why a whole series was needed to cover even just the basics. Because it is a suite, there are also more tools bundled in that work in conjunction with one another and the proxy that you're already familiar with. These tools can make testing any number of aspects of a web application much simpler. This guide isn't going to go into every tool, and it isn't going into too much depth. Some of the tools in Burp...
Read More...

Learn Burp Suite on Kali Linux: Part 3

Introduction In this third part of the Burp Suite series, you will learn how to actually collect proxied traffic with Burp Suite and use it launch and actual brute force attack. It will run somewhat parallel to our guide on Testing WordPress Logins with Hydra . In this case, though, you will use Burp Suite to gather information on WordPress. The purpose of this guide is to illustrate how the information gathered by Burp Suite's proxy can be used to conduct a penetration test. Do Not use this...
Read More...

Learn Burp Suite on Kali Linux: Part 2

Introduction In this second part of the Burp Suite series you will lean how to use the Burp Suite proxy to collect data from requests from your browser. You will explore how an intercepting proxy works and how to read the request and response data collected by Burp Suite. The third part of the guide will take you through a realistic scenario of how you would use the data collected by the proxy for a real test. There are more tools built in to Burp Suite that you can use the data that you...
Read More...

Learn Burp Suite on Kali Linux: Part 1

Introduction When it comes to testing the security of web applications, you'd have a hard time finding a set of tools better than Burp Suite from Portswigger web security. It allows you to intercept and monitor web traffic along with detailed information about the requests and responses to and from a server. There are way too many features in Burp Suite to cover in just one guide, so this one will be broken down into four parts. This first part will cover setting up Burp Suite and using it as...
Read More...

Test WordPress Logins With Hydra on Kali Linux

Introduction There are web forms all over the Internet. Even sites that don't usually allow regular users to log in probably have an admin area. It's important when running and deploying a site to make sure that the passwords gating access to sensitive controls and admin panels are as secure as possible. There are different ways to attack a web application, but this guide is going to cover using Hydra to perform a brute force attack on a log in form. The target platform of choice is WordPress....
Read More...

SSH Password Testing With Hydra on Kali Linux

Introduction Hail Hydra! Okay, so we're not talking about the Marvel villains here, but we are talking about a tool that can definitely do some damage. Hydra is a popular tool for launching brute force attacks on login credentials. Hydra has options for attacking logins on a variety of different protocols, but in this instance, you will learn about testing the strength of your SSH passwords. SSH is present on any Linux or Unix server and is usually the primary way admins use to access and...
Read More...

Creating Wordlists with Crunch on Kali Linux

Introduction Wordlists are a key part of brute force password attacks. For those readers that aren't familiar, a brute force password attack is an attack in which an attacker uses a script to repeatedly attempt to log into an account until they receive a positive result. Brute force attacks are fairly overt and can cause a properly configured server to lock out an attacker or their IP. This is the point of testing the security of log in systems this way. Your server should ban attackers that...
Read More...

Introduction to Nmap on Kali Linux

Introduction Nmap is a powerful tool for discovering information about machines on a network or the Internet. It allows you to probe a machine with packets to detect everything from running services and open ports to the operating system and software versions. Like other security tools, Nmap should not be misused. Only scan networks and machines that you own or have permission to investigate. Probing other machines could be seen as an attack and be illegal. That said, Nmap can go a long way in...
Read More...

Filtering Packets In Wireshark on Kali Linux

Introduction Filtering allows you to focus on the exact sets of data that you are interested in reading. As you have seen, Wireshark collects everything by default. That can get in the way of the specific data that you are looking for. Wireshark provides two powerful filtering tools to make targeting the exact data you need simple and painless. There are two way that Wireshark can filter packets. It can filter an only collect certain packets, or the packet results can be filtered after they...
Read More...

Basics of network protocol analyzer Wireshark On Linux

Wireshark is just one of the valuable tools provided by Kali Linux. Like the others, it can be used for either positive or negative purposes. Of course, this guide will cover monitoring your own network traffic to detect any potentially unwanted activity. Wireshark is incredibly powerful, and it can appear daunting at first, but it serves the single purpose of monitoring network traffic, and all of those many options that it makes available only serve to enhance it's monitoring ability....
Read More...

Hosting Django With Nginx and Gunicorn on Linux

Introduction Hosting Django web applications is fairly simple, though it can get more complex than a standard PHP application. There are a few ways to handle making Django interface with a web server. Gunicorn is easily one of the simplest. Gunicorn(short for Green Unicorn) acts as in intermediary server between your web server, Nginx in this case, and Django itself. It handles serving the application itself while Nginx picks up the static content. Gunicorn Installation Installing Gunicorn is...
Read More...

Record and Replay Terminal Session with Asciinema on Linux

Introduction Asciinema is a lightweight and very efficient alternative to a Script terminal session recorder. It allows you to record, replay and share your JSON formatted terminal session recordings. The main advantage in comparison to desktop recorders such as Recordmydesktop, Simplescreenrecorder, Vokoscreen or Kazam is that Asciinema records all standard terminal input, output and error as a plain ASCII text with ANSI escape code . As a result, JSON format file is minuscule in size even...
Read More...

Protecting Your Privacy With Firefox on Linux

Introduction Privacy and security are becoming increasingly important topics. Though it's impossible to be 100% secure, there are measures that you can take, especially on Linux, to help defend your online privacy and security when browsing the web. Firefox is probably your best option when selecting a browser for these purposes. Google Chrome cannot be trusted. It's owned by Google, a company known for data collection, and it's closed source. Chromium may be okay, but can't be guaranteed....
Read More...

How to install Google Chrome Browser on Kali Linux

Objective The objective is to install Google Chrome web browser on Kali Linux. See an appendix for a possible issue troubleshooting. Requirements Privileged access to your Kali Linux installation or Live system is required. Difficulty EASY Conventions
Read More...

How to install SSH ( secure shell ) service on Kali Linux

Objective The objective is to install SSH ( secure shell ) service on Kali Linux. Requirements Privileged access to your Kali Linux installation or Live system is required. Difficulty EASY Conventions
Read More...

VIM - Unable to paste - E353: Nothing in register " error - Solution

Symptoms The following error message appears after a paste attempt is made using middle mouse button: E353: Nothing in register " This error first appeared with VIM version 8:
Read More...