Category Archives: InfoSec

Information Security (InfoSec)

Secure your DNS!

Being accidentally given a list of all domains and sub-domains within an organisation increases vulnerability to attacks and exploits. A recent engagement uncovered something I”ve never encountered before – I was able to complete a full DNS zone transfer.  Usually DNS is locked down so that it’s not possible to complete a zone transfer, but… Read More »

Hands on Hacking training: Hacker House

4 days learning from industry leaders: I recently attended a four day intense Hands on Hacking course in Manchester, hosted by Hacker House. If you’ve not heard of the company, chances are you’ve heard of the founders; Jennifer Acuri and Matthew Hickey, both of whom are respected InfoSec professionals who not only have many years… Read More »

Responsible disclosure: Supporters and critics

Doing the right thing doesn’t always please everyone Recently I’ve been having a refresher around the area of Google Dorks – using sites and content indexed by Google to carry out Open Source Intelligence (OSINT). As is always the case, you’ll stumble across some interesting items that you can be sure the owner doesn’t want… Read More »