Apache Struts CVE-2018-11776 – Testing, Analyzing, & Detection

Intro Any time a new Apache Struts vulnerability comes out it should be taken pretty seriously as there are many “mission critical” systems that are leveraging the framework, with a considerable amount of them being public facing. Unfortunately, as a Continue reading

Home Lab Setup (2017)

In this post and video I give a quick run down of my Home Lab – everything from the rack itself, to the hardware and the basics of what everything is being used for. I started this project towards the Continue reading

ELK Stack – Installing and Configuring Curator

In this post I am going to quickly cover what is needed to get Curator up and running on the ELK stack. In the last few posts about the ELK stack I covered everything needed to get it installed, configured Continue reading

Exploiting Apache Struts – CVE-2017-9805

CVE-2017-9805 is yet another very legitimate vulnerability in the Apache Struts framework. In the video, I demonstrate how easy it is to run a simple public python script against a vulnerable remote server, ultimately resulting in a reverse shell back Continue reading

ELK 5 on Ubuntu: Pt. 3 – Installing and Configuring Beats Agents on Windows Clients

In the previous two posts I went over everything from installing Ubuntu to getting the ELK stack setup and ingesting logs from itself. Now in this final post in the series I am going to cover collecting Windows Event and Continue reading

ELK 5 on Ubuntu: Pt. 2 – Installing and Configuring Elasticsearch, Logstash, Kibana & Nginx

In part one of this series, I went over the basics of installing and configuring Ubuntu 16.04. Now in this part, I am going to take that same VM and go over everything needed to create a functional ELK stack Continue reading

ELK 5 on Ubuntu: Pt. 1 – Installing and Configuring Ubuntu 16.04

In this post I am going to cover the steps needed to install and configure Ubuntu 16.04 Desktop as the base operating system for what is going to become the ELK Stack server. My intention with this first post is Continue reading