Metasploit Exploit Creation, Step By Step

Struggling to understand the ins and outs of an exploitation tutorial? Looking for an easy to follow video demonstration? Trying to figure out how to turn an exploit into a Metasploit exploit module? Look no further!

Read More...

ROI in Information Security and Auditing

SANS Institute report indicates we're spending our time and money in the wrong places!

Read More...

IT Audit Controls that Matter

IT professionals talk about lots of different types of controls. Can this be simplified? Let's consider just three that really matter. Read More...

Data Recovery from Dead Drives

Ever head to deal with a dead drive? If you have you probably know that the drive in question always has really important stuff that you don’t have anywhere else. What can you do to recover this data without forking out an armful of dollars?

Read More...

Trends in Vulnerability Management

Trying to figure out what’s important when it comes to Vulnerability Scanning and Vulnerability Management? Take a look at this Webcast for our predictions!

Read More...

Building an Incident Response/Audit CD

Whether you are working as a security incident responder or a system auditor you should have a response or analysis CD in your tool kit. While there are many different bootable systems available, what if you want to do response without rebooting? What if the tools that you need aren't on the CD? What if there is no CD available for your operating system? This article covers a step by step process for creating a security response/analysis CD of your own that's customized for your system.

Read More...

Training Videos

You may have noticed that we have a new feature available on our site. Videos!!!
Read More...

Attacking Applications

Curious about the tools and techniques involved in testing or attacking web applications? This blog entry and short video give a brief introduction to just one of the tools with an easy to follow demonstration!
Read More...

PCI Testing Suite

Are you looking to provide assurance that your organization is compliant with the PCI/DSS standard regardless of what your ASV or QSA says? Take a look at this useful toolkit for performing self-assessments!

Read More...

Log Aggregation & Management

The top question asked by customers and students is how to effectlvely manage Windows logs in an enterprise. Read on for a free (as in beer) solution to this problem!

Read More...

Writing Policies

Writing effective policy requires more than simply stating what employees are not permitted to do. This article tries to explain some good strategies for creating effective poliicies in your enterprise.

Read More...

Zone Transfer without the AXFR

Zone Transfers are the quick and easy way to figure out what’s what during a pen-test but these days they almost never work. This article explains how to get the same data without tripping the alarms!

Read More...

Keeping Cool

What’s the story with all of this talk of freezing memory chips and then extracting RAM after power off? Read on for more information!

Read More...

Magstripe Magic!

Have you ever wondered what exactly is on those magnetic stripes? This article includes some useful information on how the stripes are encoded, examples of how they can be read and, if you’re willing to make the effort, enough information to reconstruct a do-it-yourself card reader!

Read More...

The Dangers of Source Routing

Source routing has been around for a very long time. Even so, many network engineers fail to understand the potential dangers in allowing source routed packets to pass through internal routers.

Read More...

Networking Basics

Are you missing some of the basic fundamentals of how computers and networks work? This is true for many people who are transitioning into IT from other roles, especially in the audit disciplines.

Read More...

Poor Passwords - The Real Risk!

Think your password policy is good enough? Find out about the vulnerability that almost everybody has but almost nobody fixes!

Read More...