Proactive Defense

Know your enemy.

Sunday, May 19, 2013

Understanding Buffer Overflow Exploits

The first time that I had to work with a buffer overflow exploit, I was completely out of my depth. Although I could build networks and con...

Friday, June 15, 2012

ESXi Security Lab

Late last year, I set about building a new virtualization platform to serve as my security lab. Since the advent of Microsoft Hyper-V and VM...

Friday, January 13, 2012

OSCP - My review

The truism "anything worth having doesn't come easy" is one I have often remembered when on a particularly difficult path to a...

Saturday, February 6, 2010

SSL Server Has SSLv2 Enabled Vulnerability, PCI and IIS

If you are involved with PCI compliance scanning you are probably familiar with the "SSL Server Has SSLv2 Enabled" vulnerability. ...

Sunday, January 3, 2010

Security awareness training

Security awareness training is one of the least expensive and most effective ways of protecting your organizations assets. I came across thi...

Tuesday, December 1, 2009

SHODAN - Banner grabbing search engine

I recently discovered a new search engine which has some interesting capabilities, from the site.. SHODAN lets you find servers/ routers/ ...

Thursday, November 26, 2009

Using Nmap to fingerprint network applications

nmap is one of my favorite network tools. It's versatile and powerful and lots of fun to use. Nmap scan types are denoted by -s*. -sS is...

View web version

About Me

ProactiveDefender: I am an Information Security researcher and consultant. Information Security has been my professional focus and passion for the past 15 years. I work as the Director of Information Security for an internet retailer where I help to manage a security program and infrastructure.

View my complete profile

Powered by Blogger.