Tutorials

Tutorials

• Use sudo insults to add spice to incorrect password attempts

  The life of an admin doesn't have to be dry. When a user enters a wrong password, for example, why not respond with a message that says, 'You're fired!' With sudo insults, you can.  Continue Reading

• Fuzzy about fuzz testing? This fuzzing tutorial will help

  Organizations are searching for ways to automate and improve their application security processes. Fuzz testing is one way to fill in some of the gaps.  Continue Reading

• How to use a jump server to link security zones

  Jump servers are a perfect example of less is more. By using these slimmed-down boxes, administrators can connect to multiple resources securely.  Continue Reading

• Kali vs. ParrotOS: 2 versatile Linux distros for security pros

  Network security doesn't always require expensive software. Two Linux distributions -- Kali Linux and ParrotOS -- can help enterprises fill in their security gaps.  Continue Reading

• How to use SDelete to ensure deleted data is gone for good

  When data is deleted from a disk, is it gone? One way to make sure file info is permanently erased is to use SDelete, a utility specifically tailored to remove key data.  Continue Reading

• How to disable removable media access with Group Policy

  Removable media can pose serious security problems. But there is a way to control who has access to optical disks and USB drives through Windows' Active Directory.  Continue Reading

• How to use the John the Ripper password cracker

  Password crackers are essential tools in any pen tester's toolbox. This step-by-step tutorial explains how to use John the Ripper, an open source offline password-cracking tool.  Continue Reading

• How to create fine-grained password policy in AD

  Fine-grained password policies are a simple and effective way of ensuring password settings meet business requirements.  Continue Reading

• How to enable Active Directory fine-grained password policies

  Specifying multiple password policies customized to specific account types adds another layer to an organization's security posture. Using PSOs instead of Group Policy can help.  Continue Reading

• How to use BeEF, the Browser Exploitation Framework

  The open source BeEF pen testing tool can be used by red and blue teams alike to hook web browsers and use them as beachheads to launch further attacks.  Continue Reading

• How to use Wireshark OUI lookup for network security

  Wireshark OUI lookup helps cyber defenders, pen testers and red teams identify and target network endpoints -- and it can be accessed from any browser.  Continue Reading

• How to use the Hydra password-cracking tool

  Need help brute-forcing passwords? Get started by learning how to use the open source Hydra tool with these step-by-step instructions and companion video.  Continue Reading

• How to use PuTTY for SSH key-based authentication

  This tutorial on the open source PuTTY SSH client covers how to install it, its basic use, and step-by-step instructions for configuring key-based authentication.  Continue Reading

• How to create and add an SPF record for email authentication

  Learn how to create Sender Policy Framework records to list authenticated mail servers for an email domain to fight spam, phishing, email forgery and other malicious email.  Continue Reading

• How to use SSH tunnels to cross network boundaries

  The Secure Shell protocol authenticates and encrypts network connections. Find out how it's used to build tunnels while crossing private networks and even firewalls.  Continue Reading

• Use ssh-keygen to create SSH key pairs and more

  Learn how to use ssh-keygen to create new key pairs, copy host keys, use a single login key pair for multiple hosts, retrieve key fingerprints and more in this tutorial.  Continue Reading

• Mimikatz tutorial: How it hacks Windows passwords, credentials

  In this Mimikatz tutorial, learn about the password and credential dumping program, where you can acquire it and how easy it makes it to compromise system passwords.  Continue Reading