Category: DevOps

Brute-Forcing Sub-Domains of a Website

There is a difference, between enumerating sub-domains of a website and brute-forcing sub-domain names. Netcraft does a great job of listing us the DNS entries of sub-domains, but this is not always complete. For example, cisco.com might have a web server cluster (multiple web servers) to handle the high traffic of their site. Below is […]

Hiding or Changing your Web Server’s Banner

Many web servers advertise their not only the software running their web sites, but also the version number of that software as well.  This makes it much easier for attackers to find vulnerabilities to attack these web servers.  A typical scan with a popular scanner, nmap, is shown below. As we can see, the web […]

Setting up a Python Twisted Instance in Docker

What is Python Twisted?  According to Wikipedia: “Twisted is an event-driven network programming framework written in Python and licensed under the MIT License. Twisted projects variously support TCP, UDP, SSL/TLS, IP multicast, Unix domain sockets, a large number of protocols (including HTTP, XMPP, NNTP, IMAP, SSH, IRC, FTP, and others), and much more. Twisted is based on the event-driven programmingparadigm, which means that users of Twisted write short callbacks which are called by the framework.” Docker Image download […]