IT Best Practice
United States
Joined Jan 9, 2022
How to transfer files between Windows and Kali Linux with impacket smbserver
In this video we'll go over how to configure impacket-smbserver to transfer files between machines running SMB and Kali. impacket-smbserver is one of the many Python scripts, and it is designed especially for the transfer of files over the SMB protocol.
Views: 47
Videos
WiFi Client Isolation - what is it and why would you want to implement it
Views: 87, a month ago
In this video we'll go over the client isolation setting in Meraki WiFi. Although I'm using Meraki as an example, the concept is applicable to all WiFi technologies that support client isolation. Client isolation is a simple-to-implement security feature for WiFi clients in a network. It prevents client devices from communicating with each other in the same network.
Splunk Cloud 2 Apps and Add-ons
Views: 26, a month ago
This is video number 2 of the Splunk Cloud administration series. In this video we'll talk about how data is ingested in Splunk Cloud using Add-ons and how to visualize the data using Apps. Something else to keep in mind is that each App and Add-on has specific requirements that must be met in order to work properly.
Hashcat 101 - simple password testing
Views: 53, a month ago
This is the first video in the password analysis with hashcat series. In this video we'll go over what hashcat is and how to use a basic syntax to display an NTLM password in clear text.
Intro to Windows Net command
Views: 89, a month ago
The net command is a useful Windows tool that allows you to perform many administrative tasks from the command line. One of the main reasons to learn and to master it is that many security engagements will have Windows machines, and with the right tools and commands you can discover a lot of information about the target and then take action on it. In this video we go over net user, net ...
VMWare work around for Windows cannot find the Microsoft Software License Term error message
Views: 31, a month ago
This is a quick short video to show you a work around when dealing with the Software License term error message when installing Windows OS in VMWare. I hope you find this information useful, if so, please consider clicking on the like button, leaving a comment, and subscribing to my channel. Have a good day.
Configuring Meraki Splash Page with SMS Authentication
Views: 135, 2 months ago
In this video I'll show you the configuration of Meraki SSID Splash page with SMS authentication. For SMS authentication you need a Twilio account to deliver SMS messages to the users, but once you configure the account the integration is seamless. Using SMS authentication offers a simple to use solution without worrying about setting up a back-end infrastructure. I hope you find this informati...
Splunk Cloud Foundation - 30 minute intro class into Splunk Cloud.
Views: 98, 2 months ago
Splunk Cloud is more than a SIEM solution because it offers advanced search options, is very customizable, and has tons of integrations with many systems through Add-ons and Apps. This is the first of many Splunk videos and it's designed to give you a grasp and basic understanding of the technology. I'll also go over the basics of Splunk, what it is, why it is important, and how it can help you bette...
Cisco Meraki Air Marshal Options
Views: 97, 2 months ago
Cisco Meraki is a Wireless Intrusion Prevention System that offers powerful features to secure the WiFi network in your organization. It not only shows you the activity of SSIDs over the WiFi spectrum, but also allows you to take immediate action. In this video we'll cover the different options and the actions you can take. I hope you find this information useful, if you do, consider subscribing to ...
Dissecting Malicious email - Volume 1 QR Code and Metamask
Views: 31, 2 months ago
In this video we'll go over telltale signs that an email is a scam. Like any scam, cyber criminals rely on social engineering tactics to try to trick people into taking a specific action. Scammers try to exploit emotions by invoking a sense of urgency and ask users to click, scan, or download a file that's going to activate the malicious payload. It is impossible to prevent all scam emails, but i...
Dissecting a Fictitious Site. - vol 1, Vanguard
Views: 93, 2 months ago
In this video I show you a few techniques you can use to identify whether a site is legitimate or not. In this case we're going to use a fake site pretending to be Vanguard. The landing page looks very similar to the legitimate one, but there are telltale signs and red flags to help us identify the site as malicious. Probably the site page was taken down after cyber criminals achieved their obj...
How to disable auto suggestion feature in Kali Linux
Views: 164, 2 months ago
Do you find the autocomplete / auto-suggestion feature annoying in Kali Linux? If so, here's the answer for you. Simply edit the shell configuration file, comment out a few lines, and restart the shell.
One liner Metasploit installation on Linux
Views: 34, 2 months ago
Snap made it super simple to install the metasploit package in linux. With a one liner you can have the metasploit framework running in just minutes, without the hassle of dealing with dependencies and compatibility issues. I hope you find this and all other videos in this channel useful.
How to remove Nessus from Kali in three simple steps
Views: 263, 3 months ago
There are many reasons why you would like to remove Nessus from Kali Linux. In this video I'll show you how to remove it in three simple steps.
Protecting RDP against common attacks
Views: 104, 5 months ago
This is a follow-up to a video I created showing you how RDP can be vulnerable to dictionary attacks with Hydra. If it sounds interesting to you, it can be found here: th-cam.com/video/CaVMl5ElRuU/w-d-xo.html You can change the default RDP port by: Start the registry editor. -Type regedit in the Search box. Navigate to the following registry subkey: HKEY_LOCAL_MACHINE, System, CurrentControlSet, Co...
Testing and Cracking RDP Passwords with Hydra
Views: 267, 5 months ago
Email message analysis with PhishTool
Views: 533, 7 months ago
Suspicious file or email? Learn Malware Analysis with Any-Run
Views: 183, 7 months ago
Configure and Setup your Meraki L2TP Connection in under 10 minutes.
Views: 214, 8 months ago
Eight Security Best Practices for WordPress sites.
Views: 74, 8 months ago
Intro to Directory and File Brute Forcing with Dirbuster
Views: 378, 8 months ago
Crash Course - Traffic Capture with Wireshark Traffic capture with Burp
Views: 828, 9 months ago
Wireshark Basics - Capturing passwords
Views: 316, 10 months ago
Vulnerability Assessment Scans, Authenticated vs Unauthenticated
Views: 606, 10 months ago
Good tutorial... Simple and direct ! Thanks
Glad it helped. I also created a more detailed series on OpenVas administration in case you're interested in that too.
EvlWatcher Makes password cracker's life much harder. They would need a botnet to make any significant progress since by default it permanently bans IP after 5 * 3 = 15 tries. If they implement blacklist servers that would pretty much be impossible. That would make a botnet pretty much useless for RDP after attacking one target. DUO has an RDP MFA Solution - that makes password cracking alone ineffective. Sure, putting RDP behind a VPN is by far the most sensible option. If that's not practical limiting access from a single IP, ISP Ranges, or by country would limit RDP exposure. Changing the port just delays the discovery of RDP - can't be used as the only solution.
Very helpful. I wonder if there is a limit of how many users or device we can use the same credentials or if there is a way to limit 1 user to one specific device. Thank you.
I'm glad you found the information useful. At this moment you can't limit the number of concurrent connections. The only way I can think of limiting users to devices is requiring some type of SSL certificate on the devices. If I come up with another idea I'll add it to the comment.
Good refresher!
glad it was useful.
Amazing video, super useful. Thank you sir!
thanks, I also created a series on openvas administration. You may find it useful as well.
Thanks, good info.
Can we use more than 2 ips in a notepad for this?
Yes, you can create a target list and use -M option to point to it.
This was great. Watched to the end. Security Analyst in training!!
Thank you for your comment. I'm glad you found the info useful. I'm creating a series on Splunk Cloud, that may be useful to you as well if you're new to it.
good info, thanks.
Glad it was helpful!
Great one mate.
Thank you, I'm glad the info was useful.
Thank you, install went well. Want to know for what tasks we can use the Etherape other than network traffic monitoring?
Hello, I'm glad the info was useful to you. The main tasks I've seen used - and use myself - are for network troubleshooting and analysis. It's very common to use along with other tools to verify findings.
Thank you for the video. Once it is finished, are the files stored somewhere? If I close it, I have to run it again to see its outputs?
Hello Ziren, I'm glad the info was useful. You can click on the Report tab on the bottom right of the window to export the results, the results are not downloadable files for the target website.
@itbestpractice2741 Thank you!
This is great. Very thorough on how this process works, and if like me you don't use this feature on your LAN, then this is a PERFECT explanation. Thank you.
I'm glad the info was useful to you.
Nice Clear Explanation! Thanks a Mil!!
I'm glad the info was useful to you.
What's the export file for?
Also would you happen to know if there's anyway you can get back tracked or exploited at all using etherape? I'm just a little sketched out by the export file and can find very limited information about it.
Nice Explanation..
Thank you, I'm glad it was useful.
The Kali Linux app won't run for me, why?
good job man 👍
Thanks for the comment, I'm glad the info was useful to you.
How can we download the 7 day trial version of nessus and run the compliance Scan for DISA STIGs Google chrome? Can you guide me with that?
When I have 2 MX BOX with warm spare - routed, and terminated on 1 single switch, then what would be the uplink configuration from the switch towards the Meraki firewall?
It's the flipper of the pen-testing world.
very powerful tool indeed. Thanks for watching.
Thank you, this is one of the few videos that gave a good overview of etherape. Tnx
Glad you enjoyed it!
good easy to understand video. thank you❤❤
Glad it was helpful!
I highly suspect my neighbor hired an IT guy to hack my wifi to enable and disable my security cameras whenever she pleases. I also have on a regular basis a device called Mysimolyink that's on my network, and that is the device that she uses for her security system. I do not have any devices or anything at all using MysimplyInk, but if I block it using access control, my camera out back stops working. I have tried changing the name of that device but it always gets changed back to my simlyiinik. Also, while running the Nmap scan, I have multiple ports open such as 554, 1025, etc., and most of them say Microsoft msrpc, but the first one, 554, says rtsp? Is that anything to worry about? Also I have 2 TPlink extenders for cameras too far away from the router and I suspect maybe they are not secure also.
how do you combine the command for a port scan to include the scan for services on that port?
Hello dallaspilotcar, you specify the desired port by using -p and -sV for service version info. Depending on what you're doing, you can also use the -A for more comprehensive scan to include identify OS and service detection. I hope it helps.
I followed your TH-cam since 6 months ago. I really find your videos are very good and informative, sir.. Thank you🎉🎉🎉 Love from India
Thanks so much, I hope future videos continue to be useful.
Useful info, thanks
Glad it was helpful!
What’s the difference between L2TP and IPsec VPN?
L2TP as follows from the name, is a layer 2 tunneling protocol. So, it can tunnel Layer 2 frames over IPSEC. I think it means that you can have ARP requests/replies and DHCP work over L2TP/IPSEC tunnel. Whereas usual IPSEC tunnel tunnels Layer 3, meaning you have to have separate subnets at both ends of the tunnel.
Good
Glad you found the info useful.
p pp
thanks.
Thanks a lot for your video that was really interesting ! You have a new subscriber here
glad it was informative to you.
hi , how to block adult category in layer 7 rule
You can't, I mean, you can manually block sites by specifying the hostname but you'll be playing whack a mole. You need Cisco umbrella to have the web content filtering feature.
I see nothing about this that makes me feel warm and fuzzy. The docs are completely basic, no troubleshooting section, I tried installing on windows and an Ubuntu VM, ran into errors that stopped the installation process on both and I sent a message from their chat on their website and all I heard was crickets.
the project is still in its infancy, at this moment it does not offer anything you can't find in other vulnerability scanners, but if they deliver it will certainly be a good alternative to other open source projects. I didn't have any issue installing it and run it though.
@itbestpractice2741 There's other things about the project that make me question it though, things that should have been fixed by now. Not sure how many people are working on it but it just 'feels' like this has run out of steam. I did finally get it installed. By default installs the community edition. There's a link to subscribe to the commercial version, it's a dead link. There's a create account link on the login page, when you click on it you're taken to the docs page, there's no wiki on github, no forum that I've seen so far and there's almost zero references on reddit, and what I have seen goes back years. If this has been around for multiple years and this is where it's at, I'd say it's on its way down. I'm not trying to shit on it, but there are so many things here that I feel are just not encouraging. If I understand correctly, their aspirations are lofty, but what's available now is a simple vulnerability scanner which returns far fewer actual results than other software when configured with as close to the same options as possible. It would be great if this turns around and pulls itself up, so I hope that does happen.
@itbestpractice2741 make a video installing it pls
What do you do with the information you enumerate tho? Let's say you find a mail server, a couple ptr, and host records how do we use this info to our benefit.
Hi Peter, it all depends on who's collecting the information. You may need to map out your domain's surface or learn about the configuration of the organization. A record by itself may not provide much information, but DNS records as part of a security assessment may help identify technology, even deduce how organizations conduct technical and administrative business in reference to security best practices. Or identifying the record may point you to a vulnerable site, or a site on a vulnerable server. The goal of DNS recon is to collect info that, when used with other info, may provide valuable information.
☺️ "promosm"
thanks.
Nice session
Thank you, I'm glad you found it useful.
how were you able to get your Multipass VM with Mageni to allow your host to connect to it over HTTPS? Mine keeps installing on a different VLAN than my Host and is inaccessible from the host OS.
Very nice guide! One question - how do we go about updating feeds? After the install, feeds show 1607 days old
find your container ID:
docker container ls
connect to your container ID and open a bash session:
docker exec -it "container ID" bash
update the feeds:
greenbone-feed-sync --type GVM_DATA
greenbone-feed-sync --type SCAP
greenbone-feed-sync --type CERT
I hope it helps.
On the reports, you didn't talk about the "RUNNING STATIC DEBUGGING ANALYSIS" what kind of informations are those?
you should move the nuclei to /usr/local/bin, use mv nuclei /usr/local/bin for the green nuclei
yeah, I worked off the download directory. Thank you for bringing it up, I'll add a comment to the video.
Such an awesome feature;
I'm glad it was useful to you.
Very useful and nicely explained mate...❤
glad you found the info useful.
where your sound broo?
I will re-record that video.
Hi, really helpful video, do you take 1:1 class to teach Meraki? Please
I'm glad the video was useful to you. Sure, we can talk about 1:1 meraki training.
You can’t just end the video like this, you need to show last step!!!!!
thank you for watching and for your comment, I'll revise the video as soon as I have time and update it, or add the missing steps to the comment section.
Thanks for your video, I learned a lot from this, thanks. I am after a tool I can perhaps run on an RPi that will log traffic from a device on my LAN to any website. Any suggestions or videos I missed?
Hi, do you mean to capture traffic, or just capture some logs? wireshark will do it, but whatever software you use needs to be installed in place to see all the traffic on your network, or you can do a port mirror\spanning on an uplink to your RPi. thanks for watching, I hope it helps.
Can this tool scan databases
no, it analyzes system and services.
Thanks!
Welcome!
Install went good. When I ran everything, the graphics did not show!
hi. any idea how greenbone scans databases
Hi Oshone, can you please elaborate? Openvas relies on feeds to check systems for known vulnerabilities. I'm not sure I'm following your question.
@itbestpractice2741 I am trying to scan databases like Oracle SQL and MSSQL, I don’t know how to configure it. I can easily scan servers and network infrastructure but when it comes to databases I can’t. I don’t know where to specify the database name and port