Blog

Learn Cybersecurity for FREE

Petrochemical plant

OT industrial cybersecurity: ModBus protocol

OT stands for Operational Technology, contrary to the IT that is Information Technology. Inside IT we put things such as servers, computers, laptops, smartphones, etc. OT is more focused on more low-level devices that keep factory lines busy, as for instance, a PLC (Programmable Logic Controller) that can control an hydraulic valve or a nuclear…
Read more

SecDevOps: Protecting Terraform state file

Terraform is one of the most used tools to deploy Infrastructure as a Service or IaaS for short, but we have to manage it in a secure way. Some developers add the terraform state file terraform.tfstate into the repository to share it among developers easily, which turns out to be a very bad idea as…
Read more

Hardening WordPress installation

When installing WordPress is important to change the predefined salts to avoid any weak cryptography that makes your cookies and session management weaker. The fastest way to fix that: https://api.wordpress.org/secret-key/1.1/salt/ If you want to get more info about possible attacks on unsecure wordpress installation, here a good reading: https://www.securitysift.com/understanding-wordpress-auth-cookies/

Docker trick: How to stop and remove all current containers

For some system maintenance: Or to delete everything that is not being used:

How to deploy Docker images on Google Cloud Run

We can easily run dockerized apps on Google Cloud using still beta Google Cloud Run. One thing to keep in mind is to specify $PORT variable inside our Dockerfile, by default Cloud Run always uses PORT 8080, but for portability reasons we will specify it as a variable: So we can deploy and run the…
Read more

Simple and vulnerable NodeJS app prone to Cross-Site Scripting (XSS) deployment with Google Cloud App Engine

I wrote a little script in node.js for a hands-on lab to test Cross-Site Scriptings (XSS). You can download it from my github: https://github.com/spinfoo/nodexss To deploy in Google Cloud App Engine:

Restrict by IP in Apache behind Cloudflare

If you are using Cloudflare as first line of defense, and want to restrict by IP in the Apache webserver behind. Add this to your .htaccess:

#Slack built-in support for #RSS feeds

I just discovered that Slack has built-in support for RSS feeds. It’s a great feature to subscribe all your feeds in a private channel, so you can keep updated and even share your feedback with your team. For example, to subscribe to Microsoft Security Advisories: I will share later my RSS feeds for #cybersecurity

United Airlines Bug Bounty Program

After soooome time for the triaging and patching the reported bug. I was awarded with 50,000 miles for reporting a bug to United Airlines, inside their Bugbounty program. Decided to donate them to Rotary International charity and use them for the great causes.

Small tool to decode ASP.NET __VIEWSTATE variable when doing webpentests

I just wrote a small tool to easily decode ASP.NET __VIEWSTATE variables without having to install the viewstate module into the system with administrative privileges and be able to decode the variables with a small script using a terminal, without writting python code. Sometimes when doing webpentesting against a ASP web application is useful a…
Read more