Home / Security

Security

Create a custom cracking Wordlist

To perform a good pentest, nothing better than a custom wordlist to crack passwords. We may be able to generate a custom wordlist that reflects our knowledge of the target or the organization’s password policy (For example : 10chars min, Special chars …) Information Gathering To build a good wordlist, …

Read More »

Monitor Windows security events with Centreon & NsClient++

If you don’t have any SIEM yet, you can start to monitor some Windows security events with Centreon & NsClient++. We’ll use the sheet cheat Top Windows events you should monitor to help us create desired services :) Prerequisites You need to have the following features already implemented : a …

Read More »

Top Windows events you should monitor

Windows security logo

Your infrastructure continuously generates log data that you can use to monitor network infrastructure and manage security events. I share you my cheat sheet of importants events that I used to monitor, but before, lets activate all the logs we need 1 / Enable Advanced auditing For some events we’ld …

Read More »

Gophish : Familiarisez vos employés au phishing ! Part I : Installation

Gophish est un framework open-source, vous permettant de créer des campagnes de phishing. L’objectif, ici, est de sensibiliser les collaborateurs au phishing, et pourquoi pas, leur proposer des formations de sécurité informatique suite aux résultats des différentes campagnes de phishing. Dans cette première partie, nous allons installer GoPhish sur un …

Read More »

Gophish : Familiarisez vos employés au phishing ! Part II : Prise en main

Nous avons vu dans le précédent post : Gophish : Familiarisez vos employés au phishing ! Part I comment installer GoPhish. Nous allons maintenant prendre l’outil en main et créer notre première campagne de Phishing :).  

Read More »