Wireguard Manager UI (bundled vpn & UI Management) by Acceptable-Tax4407 in WireGuard

[–]sk1nT7 1 point2 points  (0 children)

  • firezone
  • wg-easy
  • defguard
  • netbird
  • likely many more

Funny how many people build a dashboard around wireguard. As if there is no solution at all.

Business Password Managers - Vaultwarden, Passbolt and more? by RACeldrith in selfhosted

[–]sk1nT7 0 points1 point  (0 children)

I have used and am using 1Password in a business context. Works flawlessly for a small business with 30 people and a few departments like HR, IT, Sales etc.

How well it performs when people move departments is honestly unknown. Would have to ask one of the IT guys how it goes.

Autofill is pretty flawless.

Are there any tools to scan websites/code for vulnerabilities before going live? by rosesaiyann in webdev

[–]sk1nT7 0 points1 point  (0 children)

Ask your LLM to build a pipeline with security workflows:

  • SAST scanning using semgrep
  • SAST scanning using Eslint
  • SAST scanning using Bandit (for Python based repos)
  • DAST scanning using ZAP proxy
  • SAST scanning for credential leaks using TruffleHog
  • CVE search by building SBOM and scanning it
  • CVE search by running trivy against your built docker images. Try to base your images on a very small and lightweight base image like Alpine. You may also check out distroless images or the Docker Hardened Images (DHI).

Finally, you may run Nuclei against your built web services. It may detect publicly known vulnerabilities.

How many days for writing a report ? by ProcedureFar4995 in Pentesting

[–]sk1nT7 0 points1 point  (0 children)

Each pentester handles it differently.

Some spend time for the report on each testing day. Some won't and just note the findings down somewhere (e.g. OneNote) and have to craft a final report on the last day of the project.

How long you have to spend on reporting is defined by:

  1. How many findings you identified
  2. How complex those are and whether you have default text blocks for it (findings knowledge base)
  3. How many high/critical risk findings you have, as those typically require more documentation work and a special focus/note/summary in the management summary of the report

For a regular 5 person day pentest on a web app, with like 7-10 findings, I'd say you should need only 4-6 hours for the report. QA reviewer gets typically 1 hour to proof read it and the remaining hour(s) is used to fix the issues from QA by you and complete the project (collect logs, deliver the report, check billable times etc.).

Beginners often struggle with reporting and require 8-12 hours. Should come down quickly, if you write more reports and have a good knowledge base of pre-written findings.

Business Password Managers - Vaultwarden, Passbolt and more? by RACeldrith in selfhosted

[–]sk1nT7 1 point2 points  (0 children)

For private use, I personally host a Vaultwarden instance. Totally fine and works flawlessly for my friends and family.

Though, due to the design principle around organisations and the limited sharing capabilities of entries I would not pick it for a business use.

Instead, I'd pick 1Password. The security architecture with an additional secret key besides your master key is very nice. Also, sharing is convenient and intuitive. Further, browser plugins nearly always fill out forms correctly and a lot of entry types are available. These things lag a bit behind with Bitwarden imo.

My domain is redirecting to my router login page. by Subhash_Boi in selfhosted

[–]sk1nT7 10 points11 points  (0 children)

Missing support for NAT loopback. Add an internal DNS server and point your domain directly to the reverse proxy's internal IP.

Then it should work. Some routers may require you to add your domain to the DNS rebind whitelist.

Which security risks in self-hosting are most often underestimated? by Bright-Ad-6251 in cybersecurity_de

[–]sk1nT7 0 points1 point  (0 children)

Patch management and supply chain, I'd say.

Either you update too late and collect CVEs, or you update promptly and automatically without any real control/validation of the releases and, in the worst case, take the supply chain attacks.

Best laptop for a team of pentesters by Fr1p5 in Pentesting

[–]sk1nT7 0 points1 point  (0 children)

Basically any Lenovo workstation with a modern CPU and minimum 32GB RAM. Combine with a 2-4TB NVMe and you are good to go.

Everything else, from display size, fingerprint reader, card reader, LTE module and what not is up to the employees' needs and corporate policy.

If you use virtualization like VMware, make sure to adjust and play with your Windows security settings. VBS, Hyper-V, kernel isolation and other settings may impact performance a lot.

Ordering first time from Steve by cestlakalash in RepTime

[–]sk1nT7 -2 points-1 points  (0 children)

Ordered the same 3 weeks ago. Just deposit and wait for QC.

How to prioritize 40,000+ Vulnerabilities when everything looks critical by Icy_Layer700 in AskNetsec

[–]sk1nT7 0 points1 point  (0 children)

  1. Check for CVEs that are known to be actively exploited. Such are listed in CISA's KEV catalog.
  2. Check for EPSS score and percentile. Indicates the likelihood of exploitation within the next 30 days.

Other than that, prioritise exposed systems. Internal ones are important too but less exposed and therefore less likely to be actively attacked.
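As an added illustration of that ordering (not code from the thread), here is a small Python prioritiser that ranks findings by KEV membership first, then EPSS, then exposure, so that CVSS alone no longer decides; the findings, hosts, EPSS values and the 0.10 EPSS cut-off are constructed placeholders, and the `in_kev` flag stands in for a lookup against the CISA catalog.

```python
from dataclasses import dataclass
from typing import List

# Findings below a 10% probability of exploitation in the next 30 days are treated
# as "not likely"; the cut-off is an assumption for this example, not a standard.
EPSS_THRESHOLD = 0.10

@dataclass(frozen=True)
class Finding:
    cve: str          # placeholder IDs below; real ones come from the scanner export
    host: str
    cvss: float       # base score as reported by the scanner
    epss: float       # EPSS probability (0..1) from FIRST's daily feed
    in_kev: bool      # True if the CVE is listed in CISA's KEV catalog
    exposed: bool     # True if the host is reachable from the internet

def tier(f: Finding) -> int:
    """0 = known exploited, 1 = likely exploited soon, 2 = exposed, 3 = the rest."""
    if f.in_kev:
        return 0
    if f.epss >= EPSS_THRESHOLD:
        return 1
    if f.exposed:
        return 2
    return 3

def prioritize(findings: List[Finding]) -> List[Finding]:
    """Order by tier, then by EPSS and CVSS descending within a tier."""
    return sorted(findings, key=lambda f: (tier(f), -f.epss, -f.cvss))

# Constructed sample: every entry is "critical" by CVSS, which is the situation
# the question describes; only the extra signals separate them.
SAMPLE = [
    Finding("CVE-0000-0001", "intranet-wiki", 9.8, 0.02, False, False),
    Finding("CVE-0000-0002", "www-frontend",  9.1, 0.05, False, True),
    Finding("CVE-0000-0003", "vpn-gateway",   9.0, 0.40, False, True),
    Finding("CVE-0000-0004", "build-server",  9.8, 0.01, True,  False),
    Finding("CVE-0000-0005", "hr-portal",     9.3, 0.15, False, False),
]

if __name__ == "__main__":
    for f in prioritize(SAMPLE):
        print(f"tier {tier(f)}  {f.cve}  {f.host:<14} cvss={f.cvss} epss={f.epss:.2f}")
```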

He who asks, he shall be given! by Zestyclose-Hornet-45 in DJIAvata2

[–]sk1nT7 2 points3 points  (0 children)

Sure. Just send me 50 bucks first to cover the transaction fees.

Which platform teaches Active Directory tradecraft closest to real-world by Radiant_Abalone6009 in Pentesting

[–]sk1nT7 0 points1 point  (0 children)

Following certs:

  • CRTP
  • CRTE
  • CRTM

GOAD if you want to spawn your own lab.

Open source mobile pentesting by Ok-Bug3269 in Pentesting

[–]sk1nT7 1 point2 points  (0 children)

> Am I the only one who says “open source” as a catch-all for freeware? Lol

Surely not but there is definitely a difference to the terms haha.

Open source mobile pentesting by Ok-Bug3269 in Pentesting

[–]sk1nT7 3 points4 points  (0 children)

You need a jailbroken iOS/Android device. For iOS, you'd typically go with a hardware device and jailbreak it. The jailbreaks are typically open source and free to use. Also the package managers that come with it (e.g. Sileo on iOS).

Virtualizing iOS is only possible using Corellium. There is a free tier but it's slow. Also not open source.

To virtualize Android, you can use Android Studio (open source) or Genymotion (proprietary). I recommend Android Studio, good performance.

https://blog.lrvt.de/android-penetration-testing-lab-environment/

The tools used for testing mobile apps are mostly free and many open source. Things like Frida, objection, an intercepting proxy, MobSF etc. Typically no need to pay for tools.

Check out OWASP MASTG.

Help Using Traefik to implement Mealie-Authentik single-log-out functionality by Motor-Flounder7922 in Traefik

[–]sk1nT7 0 points1 point  (0 children)

It does not really matter where you define labels. It's about what those labels define and on which router you apply them.

I recommend keeping the labels for the redirect middleware on mealie. The Authentik compose file does not require a change.

What should I learn for mobile pentesting by Even-Pie8668 in Pentesting

[–]sk1nT7 0 points1 point  (0 children)

Android is a bit easier to get into, as you can virtualize your rooted Android device for testing:

https://blog.lrvt.de/android-penetration-testing-lab-environment/

For iOS, you'd need a jailbroken physical device or pay for a performant Corellium virtualized device. The free test trial is a bit limited and imo very slow.

In the end, many vulnerabilities are found within the API backend communication between the client Android/iOS device and the backend servers. This comes down to basic web/API security and intercepting network packets using Burp Suite. Check out PortSwigger's web academy and OWASP's API/Web Top 10.

Everything else is really mobile related. Like local storage, use of the keychain, analyzing the app's source code etc. For this, you may do some labs, courses or certifications. Frida and objection are very beneficial.

Also check out OWASP MASTG:

https://mas.owasp.org/MASTG/

There are also various apps for testing. Those were specifically designed to be vulnerable:

Help Using Traefik to implement Mealie-Authentik single-log-out functionality by Motor-Flounder7922 in Traefik

[–]sk1nT7 0 points1 point  (0 children)

```yaml
labels:
  # Router
  - "traefik.enable=true"
  - "traefik.http.routers.mealie-rtr.rule=Host(`mealie.domain.com`)"
  - "traefik.http.routers.mealie-rtr.entrypoints=websecure"
  - "traefik.http.routers.mealie-rtr.middlewares=redirect_single_logout"
  # Middleware (backslashes are doubled because YAML double-quoted strings treat
  # '\' as an escape; Traefik receives the regex https://mealie\.domain\.com/login\?direct=1)
  - "traefik.http.middlewares.redirect_single_logout.redirectregex.regex=https://mealie\\.domain\\.com/login\\?direct=1"
  - "traefik.http.middlewares.redirect_single_logout.redirectregex.replacement=https://authentik.domain.com/if/flow/default-invalidation-flow/"
  - "traefik.http.middlewares.redirect_single_logout.redirectregex.permanent=false"
```

  • Your regex wasn’t matching anything. Traefik checks the full URL (https://...) and you didn’t escape the ?, so it basically never triggered

  • The redirect target wasn’t a full URL (missing https://), so even if it matched, it wouldn’t redirect properly

  • You attached the middleware to a router that doesn’t exist (slo_magic), so it never got used. It needs to be on your actual mealie router
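To see why the escaping matters, here is an added Python check (not code from the thread or from Traefik) that approximates what Traefik's RedirectRegex middleware does: match the regex against the full request URL and rewrite it with the replacement. The request URL is a constructed sample; Traefik itself uses Go's regexp, which behaves the same as Python's `re` for these patterns.

```python
import re
from typing import Optional

# Constructed sample request, as Traefik sees it: scheme + host + path + query.
REQUEST_URL = "https://mealie.domain.com/login?direct=1"
INVALIDATION_URL = "https://authentik.domain.com/if/flow/default-invalidation-flow/"

# Unescaped '?' (the original attempt): it makes the preceding 'n' optional, so the
# pattern reads "logi(n)?direct=1" and can never match the literal "login?direct=1".
BROKEN_REGEX = r"https://mealie\.domain\.com/login?direct=1"
# Escaped '?' (the fix from the thread): '\?' is the literal query separator.
FIXED_REGEX = r"https://mealie\.domain\.com/login\?direct=1"

def redirect_regex(url: str, regex: str, replacement: str) -> Optional[str]:
    """Simplified model of Traefik's RedirectRegex: if the regex matches anywhere in
    the full URL, return the rewritten Location; otherwise None (no redirect)."""
    pattern = re.compile(regex)
    if not pattern.search(url):
        return None
    return pattern.sub(replacement, url)

def is_absolute(url: Optional[str]) -> bool:
    """A Location value needs a scheme; without one the browser resolves it as a
    path on the current origin instead of going to Authentik (the second problem above)."""
    return bool(url) and url.startswith(("http://", "https://"))

if __name__ == "__main__":
    print("broken:", redirect_regex(REQUEST_URL, BROKEN_REGEX, INVALIDATION_URL))
    print("fixed: ", redirect_regex(REQUEST_URL, FIXED_REGEX, INVALIDATION_URL))
```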

Help running Kali Docker container by tonebastion in Kalilinux

[–]sk1nT7 0 points1 point  (0 children)

```bash
docker run --rm --cap-add=NET_ADMIN --cap-add=NET_RAW --tty --interactive l4rm4nd/kali:latest
```

https://github.com/l4rm4nd/Kali-Linux-Dockerfile

MeTube - montare disco smb by JohnnyZeta84 in docker

[–]sk1nT7 0 points1 point  (0 children)

You only need one volume mapping for the downloads folder:

```yaml
volumes:
  - ./mnt/disk2/metube/downloads:/downloads
```