Nikto – Web server scanner

Note: Nikto is included in the latest Kali Linux (2020.1). Nikto is a web server assessment tool. It is designed to find various default and insecure files, configurations and programs on any type of web server. It can be used to discover potential issues and security vulnerabilities in web servers, including: server and software misconfigurations, default …

How to: Remove/Clear journal log files (To free some storage) for Debian/Ubuntu etc.

Journal logs are stored in the “/var/log/journal” folder.
Check journal log file size
We can open that folder to check manually or use the “ncdu” command. We can also use the dedicated journalctl command:
sudo journalctl --disk-usage
Change maximum journal log folder size
1 Open the “/etc/systemd/journald.conf” file
2 Change or add the following line
SystemMaxUse=
To a size you …

Did you know that even when you are in incognito mode, browsing behaviour can still be tracked by canvas fingerprinting?

The canvas element in HTML5 is one attribute that can be used for fingerprinting, namely “canvas fingerprinting”. This attribute will write and read an image while rendering the web page. The value of the retrieved image provides a unique characteristic of the user's operating system that is sufficient to be used for identification of a …

Introduction to /etc/passwd and /etc/shadow files in Linux systems (Debian/Ubuntu/CentOS/RHEL etc.)

Linux operating systems store all usernames and passwords (including administrators/root) in the /etc/passwd and /etc/shadow files.
/etc/passwd: Each user has a corresponding line that records basic attributes. Only root/administrators can modify it. All other users have read-only access to it.
/etc/shadow: As the name suggests, this file is like a shadow of the “passwd” file. The …

How to: Switch Desktop Environments for Kali Linux easily

By default, Kali Linux uses XFCE as its desktop environment; it is lightweight and quick. Sometimes we want to switch to another desktop environment like GNOME. Here is how (switching to other desktop environments involves similar steps).
We can install the GNOME desktop environment with tasksel. (Easier)
1 Launch tasksel
sudo tasksel
2 Make sure “GNOME” …

How to: Upgrade Roundcube webmail easily with terminal/command

Roundcube is an open source web/online MUA (mail user agent).
Note!: Don’t forget to change the download link and folder name for wget and Install/Update (Steps 2 and 4).
#1 Switch to /tmp directory
cd /tmp
#2 Download the package with wget
wget https://github.com/roundcube/roundcubemail/releases/download/1.4.3/roundcubemail-1.4.3-complete.tar.gz
#3 Extract the package
tar xf roundcubemail-*.tar.gz
#4 Install/Update
./roundcubemail-1.4.3/bin/installto.sh /destinationFolder/roundcube …

How to: Run Linux commands with time limit/timeout (Kill process/command after some time)

Sometimes we want to stop or kill a command after a period of time, so that we don’t get stuck with that command and waste resources. To specify a timeout or time limit for a Linux command, we can use the timeout command.
Command Usage/Parameters
timeout [OPTION] DURATION COMMAND [ARG]…
DURATION is an integer or floating point number with …

How to: Add DSCP, QoS, 802.1Q VLAN ID to Wireshark columns

Sometimes we want to see DSCP, QoS and 802.1Q VLAN ID information while diagnosing the network. Here is how to add those as columns for easier inspection.
1 Launch Wireshark, select a NIC to work with
2 Right click on the column (near the top, under the toolbar)
3 Then click on “Column Preferences…”
4 Navigate to …