SecurityTrails Blog
Information Gathering: Concept, Techniques and Tools explained
“Information is power,” as the saying goes. And in most scenarios it’s true: having critical information, at the right time, and especially knowing how to use it, can be a great source of power.
What is CVE? - Common Vulnerabilities and Exposures
In May 2017, WannaCry, a strain of ransomware, spread quickly around the world. It managed to affect National Health Service hospitals in England and three companies in Spain and reached many other countries including Russia, France and Japan.
What are Open Ports?
From a red team’s point of view, port scanning is one of the most exciting tasks to handle whenever you’re collecting OSINT data about a remote target. However, open ports are not only important on the offensive side, but also on the defensive front.
What is Data Center Security? Top 5 Best Practices
Cloud computing and technology have truly revolutionized the way we collect, process and store data. Organizations are increasingly moving their entire infrastructure to the cloud, storing their information in safe, encrypted data centers.
Flan Scan - The New Vulnerability Scanner from Cloudflare
Port scanning is one of the most frequent activities performed by security researchers working as part of a red team. And in other scenarios, blue teams use it along with online vulnerability scanning tools to prevent a security breach in their apps and servers. Knowing that port and vulnerability scanners are pillars of the cybersecurity world, we’ll analyze one of the newest today, Flan Scan. How new is it? This vulnerability scanner was released only days ago.
#ProTips: Silence the noise with Andrew Morris
The Internet is a noisy place; those listening to it know that all too well. SOC teams keep busy with numerous threat protection products that generate countless security alerts, many uncontextualized, some downright pointless. And figuring out who’s behind those alerts is not easy.
Nmap Scripts (NSE): The Key To Enhance Your Network Scans
Nmap is, quite simply, the best port scanner around. We love it because it offers easy installation, simple usage syntax and great results, as we previously explored in our Nmap commands article. For those who aren’t familiar with it, Nmap isn’t just a common tool we all use for port scanning IP ranges from time to time—it offers much more than that. So if you really want to boost your Nmap scanning capabilities, keep reading. Today we’ll take a close look at the Nmap Scripting Engine, known as NSE.
Top 10 vulnerable websites for penetration testing and ethical hacking training
The infamous cybersecurity skills gap is rising, and more than ever, companies are in need of security professionals to protect their networks and systems. So whether you’re just starting out in cybersecurity or you’re established as an expert, you constantly need to work on practising and sharpening your hacking skills.
Banner Grabbing: Top Tools and Techniques Explained
We shared a few details about banner grabbing in our previous article about cybersecurity fingerprinting. Today, we’ll dig a little bit deeper, to define what it is, explore its different types, and examine some real-world examples showing how you can grab banners from different services on the Internet with both command-line tools and web-based interfaces.
Security Theater: Are You Feeling Secure or Actually Being Secure?
The increase and intricacy of cyber threats show no sign of slowing. Headlines highlight new data breaches almost every day, proving that the need for cybersecurity has never been more apparent than it is right now.