Sort introduction to SQL Injection – Hackerfire CTF (low level)
In this entry we describe the basic process of SQL injection entirely performed manually, without using any software that automates the process as SQLmap. For this, and as an example, we use a challenge of the platform Hackerfire, in it you can find a full CTF if you like... Read more
Introduction to digital certificates
In this small entry we will try to introduce ourselves in the world of digital certificates, a process that can be complex but once its operation is understood it becomes much easier to understand and its use becomes indispensable in the encryption of communications. All electronic communication to be... Read more
2FA to WordPress login with Latch
Latch is a technology developed by Telefonica ElevenPath. This tool offers two options to protect our digital identity. The first option is called “Latch” and it can block your account even if the password entered is correct, how as your name indicated this mode act as latch for you... Read more
OTP – Time based One Time Password
Providing Awareness about Innovative Lesson Syllabus Implemented in Cyber Security Technologies in Information Technologies 5th MEETING London 25th MAY 2018 BUCKINGHAMSHIRE NEW UNIVERSITY TOTP Conference Autor: Gabriel Piñero (Telefonica – Cybersecurity Expert) Introduction to 2FA TOTP is used to protect digital identity with a second factor authentication in a... Read more
Wazuh installation in Linux Centos 7
Wazuh is a free host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerts and active responses. It provides intrusion detection for most operating systems, including Linux, OpenBSD, FreeBSD, OS X, Solaris and Windows. Wazuh has a centralized and multiplatform architecture... Read more
Instalacion de A10 vThunder sobre VMware
En esta ocasión vamos a trastear un rato con un balanceador virtual A10 vThunder con el que posteriormente realizaremos algunas pruebas de balanceo de carga basado en URL (Layer 7). A10 Networks es una empresa estadounidense con sede en San José, California, que ofrece una gama de soluciones de... Read more
Docker en Windows 10 corriendo Kali Linux
En la siguiente entrada vamos a ver como ejecutar Kali en un Docker sobre Windows 10: Si queremos instalar Docker debemos cumplir ciertos requisitos en Windows 10: Windows 10 versión Professional o Enterprise. Actualizado con Anniversary Edition o Creators Update. Updates críticos para Windows Containers. Compilación igual o superior... Read more
Generar reportes de nmap en HTML
Cuando nos encontramos auditando una red en búsqueda de nuevos servicios activos, no hay mejor herramienta para ello que nmap, la cual nos permite realizar un escaneo completo, reconocimiento de puertos, identificación de sistema operativo, etc. Al finalizar su ejecución, el reporte que nos da la consola es de... Read more
NMAP Cheatsheet

NMAP Cheatsheet Hot

Blog 27/01/2018 0

In this post today we pick up a nmap command chop that every good pentester should have on hand. What in English is called “cheatsheet” and that is so useful when performing any security audit. Nmap (Network Mapper), is an open source tool, designed to explore and perform security... Read more
Qué es Meltdown y Spectre
En artículo de hoy trataremos de forma breve, sin tecnicismos (o los menos posibles) la debilidad encontrada en los procesadores Intel (y también del resto). Cero sensacionalismo. Cero manos a la cabeza tirándose de los pelos. Al grano… Como no iba a ser menos, ambas vulnerabilidades tienen sus correspondientes... Read more