Steven’s Tech Blog
A variety of content documenting my adventures as a security engineer and software developer
Categories
- Miscellanious (0)
- Network Security (3)
- Security Tools (0)
- Software Security (0)
- Web Development (0)
- Web Security (1)
Posts
-
An In-Depth Look at TLS
The ‘S’ in HTTPS, the lock icon in the top left of your browser, the lack of a suspicious “this site is insecure” warning – most everyone who uses the internet is familiar with these, yet fewer know what exactly they mean, and even fewer still understand how it works behind the scenes. Transport Layer…
-
Exploiting SMTP
(Continuation of Part 2) For the next network security challenge, I will be testing my skills against a vulnerable SMTP server. SMTP (Simple Mail Transfer Protocol) is one of a few application-layer protocols powering e-mail services, along with POP (Post Office Protocol) and IMAP (Internet Message Access Protocol), with SMTP being primarily responsible for sending…
-
Exploiting NFS
(Continuation of Part 1) In this challenge, I will be exploiting an intentionally misconfigured NFS server to obtain root privileges. Network File System (NFS) is used to share files over a network, allowing users to access remote files as if they were local. Starting out with a basic nmap port scan, I discovered that an…
More Posts…
“The best way to ensure success is to triple your rate of failure.”
“The day we stop learning is the day we start dying.”
“What a beautiful day it is. If only I’d realized that sooner.”