Linux Auditing Tool

Lynis is an excellent tool to audit your Linux servers. As per the website:

Lynis is an open source security auditing tool. Primary goal is to help users with auditing and hardening of Unix and Linux based systems. The software is very flexible and runs on almost every Unix based system (including Mac). Even the installation of the software itself is optional!

Go GET IT from -

Happy Auditing

.......have fun

Wireless IDS

I have found this neat tool while just searching for some IDS. Check it out ...

DA-WIN, a wireless IDS, provides an organization a continuous wireless scanning capability that is light touch and simple.

Url -

Happy Hacking ......

Hic !!!!

Penetration Testing Tool

A must-have penetration tool.

From the project website:

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.

Happy Hacking ...... :)

Intrusion Detection and Prevention Engine

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field.

Download it from here -

Have fun . ..

Penetration Testing

Check out this distribution with a collection of great tools to perform forensic analysis, incident response, data recovery, virus scanning and vulnerability assessment.

Happy Hunting ... Bleh

Hackers Comic

All you wannabe hackers and newbies, check out the comic strip below ... for some geeky cool comics


Night Lion Security PHP Stress

Night Lion Security proof-of-concept denial of service / stress tester for PHP websites running on Apache and NGINX systems (PHP-FPM and PHP-CGI).

About -

to Download it -

Have Fun ......

Etherape - Check your Network Traffic

A nice GUI to see where your network traffic is going to or coming from.

Screenshots -

Website -

Have fun

Random Js Virus

In late 2009 and early 2010 I saw a new kind of attack on websites, which security companies named the Random JS Virus. It used to insert JavaScript code to redirect the page to a rogue website inside tag. Lately they have started putting encrypted code to make it look like genuine code.

I am still seeing it happening to lots of websites. The main reasons are:

1) Weak FTP passwords

2) FTP traffic in plain text

3) SQL injection

GNU/Linux Server Security - The Initial Steps

Below are the steps and links to the tools which you can use on your GNU/Linux server to make it secure.

Server Security:

1) If you do not have cPanel / Webmin and are not good with iptables rules either, you can use APF; however, if you have cPanel then go for. Both utilities provide an easy-to-use interface to configure the firewall rules.

2) You can use more tools from this page

3) On a server where you are not using cPanel you can use.