Category Archives: Linux

Are you sure? Are you one hundred percent sure?


rm -rf pic*

Are you sure? Are you one hundred percent sure?

… allows you to run a command and see what it does to your files without actually doing it! After reviewing the operations listed, you can then decide whether you really want these things to happen or not.

Screenshot of maybe

What is this sorcery?!?
Continue reading Are you sure? Are you one hundred percent sure?


Kali 2.0 Linux ISO of Doom

Setting up the OpenVPN Server

We will first set up our OpenVPN server on a Kali Linux box with an external IP address (a.b.c.d). Once that’s done, we’ll build The Kali Linux ISO of Doom on the same machine and make it available for download thorough HTTP

echo "1" > /proc/sys/net/ipv4/ip_forward
# Turn the server into the client's gateway
iptables -t nat -A POSTROUTING -s -o eth0 -j MASQUERADE
# Generate the OpenVPN server and client certs.
mkdir /etc/openvpn/easy-rsa
cp /usr/share/easy-rsa/** /etc/openvpn/easy-rsa
cd /etc/openvpn/easy-rsa/
sed -i 's/ --interact//' build-ca
sed -i 's/ --interact//' build-key-server
. ./vars
./build-key-server server
./build-key client


Continue reading Kali 2.0 Linux ISO of Doom


Pentest tools – Burp Suite Professional v1.6.23

Burp Suite contains the following key components:
An intercepting Proxy, which lets you inspect and modify traffic between your browser and the target application.
An application-aware Spider, for crawling content and functionality.
An advanced web application Scanner, for automating the detection of numerous types of vulnerability.
An Intruder tool, for performing powerful customized attacks to find and exploit unusual vulnerabilities.
A Repeater tool, for manipulating and resending individual requests.
A Sequencer tool, for testing the randomness of session tokens.
The ability to save your work and resume working later.
Extensibility, allowing you to easily write your own plugins, to perform complex and highly customized tasks within Burp.

Burp is easy to use and intuitive, allowing new users to begin working right away. Burp is also highly configurable, and contains numerous powerful features to assist the most experienced testers with their work.
Release Notes


This release adds a new scan check for external service interaction and out-of-band resource load via injected XML doctype tags containing entity parameters. Burp now sends payloads like:

%f5a30; ]>

and reports an appropriate issue based on any observed interactions (DNS or HTTP) that reach the Burp Collaborator server.

The release also fixes some issues:

Some bugs affecting the saving and restoring of Burp state files.
A bug in the Collaborator server where the auto-generated self-signed certificate does not use a wildcard prefix in the CN. This issue only affects private Collaborator server deployments where a custom SSL certificate has not been configured.


linux – Openvas 8 on Ubuntu 14.04 server

Install Openvas 8 on a local Ubuntu 14.04. The greatest part of this installation is done as root user so don’t install this on an internet facing server.

First we install all the packages needed for a succesfull Openvas 8 installation.

sudo apt-get install -y build-essential devscripts dpatch libassuan-dev \
libglib2.0-dev libgpgme11-dev libpcre3-dev libpth-dev libwrap0-dev libgmp-dev libgmp3-dev \
libgpgme11-dev libopenvas2 libpcre3-dev libpth-dev quilt cmake pkg-config \
libssh-dev libglib2.0-dev libpcap-dev libgpgme11-dev uuid-dev bison libksba-dev \
doxygen sqlfairy xmltoman sqlite3 libsqlite3-dev wamerican redis-server libhiredis-dev libsnmp-dev \
libmicrohttpd-dev libxml2-dev libxslt1-dev xsltproc libssh2-1-dev libldap2-dev autoconf nmap libgnutls-dev \
libpopt-dev heimdal-dev heimdal-multidev libpopt-dev mingw32

Continue reading linux – Openvas 8 on Ubuntu 14.04 server


Linux – Openvas 7 on the raspberry pi

Install OpenVAS 7 on the raspberry pi

You can download a ready to use Rapberryvas image from these mirrors:
(I used a 16GB sdcard to flash them using Win32DiskImager. )
username: pi password:0penvas
login Openvas https://ip user: openvas password:0penvas

Openvas is a great vulnerability scanner
No packages are available for version 7 so i have installed it from source on my raspberry pi.

Continue reading Linux – Openvas 7 on the raspberry pi