Security Analytics Using ELK
Few months back, I had the opportunity to conduct two workshops at BSidesDelhi and CSI Mumbai on the above topic. […]
Author: Wasim Halani
Hunting Phish Domains
Most organizations face a barrage of attacks every day from threat actors around the globe. Among the various vectors, attackers […]
Exfiltration Using Powershell & Outlook
Introduction When an attacker compromises an end-point system in an organization, he needs some sort of confirmation that: his code […]
PCI DSS Penetration Testing Guidance
The Payment Card Industry Security Standards Council recently released their updated Information Supplement: Penetration Testing Guidance. The guidance document was […]
ATM Application Whitelisting Security Assessment
During a recent engagement, we were asked to test the security level of an application white-listing solution deployed on the […]
Insecure Implementation of Guest Wireless Networks
Most large organizations provide wireless facilities for their guest, which may include vendors, consultants, business associates, employees from other regions […]
Disable IIS 7.5 Banner Information
Below are the steps of how to fix the banner (version information) in IIS 7.5 Install the latest version of […]
Does Your DLP Implementation Keep You Awake At Night?
With the boundary-less work culture of the 21st century, organizations have started to wake up to the fact that they […]
Info-Letter vol.2
Hi all, This month’s reading list. Make sure to check out the tools sections. Traditional Pen-testing is Dead: A frank look […]
Info-Letter vol. 1
Hi all, We are starting with a monthly reading-list for people who are unable to keep up with the latest […]