Weak and reused passwords are a persistent threat, especially after password dumps or internal audits. To help security teams make sense of cracked credential data, I’ve built the Cracked Password Complexity & Reuse Audit Tool that inspects cracked passwords for length, complexity, and reuse patterns. It generates a visual terminal report and an optional CSVContinueContinue reading “Password Complexity & Reuse Audit Tool”
Tag Archives: information security
Cisco Configuration File Auditing Tool (ccfat) : Automating Cisco Configuration Audits
Introduction Network security and performance depend heavily on correctly configured devices, especially Cisco routers, switches, and firewalls. A single misconfiguration can introduce vulnerabilities, create inefficiencies, or lead to compliance failures. Manual audits are time-consuming and prone to errors, but automation can change the game. The Cisco Configuration File Auditing Tool offers a seamless way toContinueContinue reading “Cisco Configuration File Auditing Tool (ccfat) : Automating Cisco Configuration Audits”
FortiGate Configuration Files Audit Tool (fcfat): Enhancing Firewall Security with Automated Analysis
Introduction Conducting regular audits of firewall configurations is essential for ensuring compliance, identifying potential security gaps, and maintaining optimal performance. This is where the FortiGate Configuration Files Audit Tool (fcfat) comes into play. Developed to streamline the auditing process for Fortinet FortiGate firewalls, this tool provides an automated way to analyze configuration files, detect misconfigurations,ContinueContinue reading “FortiGate Configuration Files Audit Tool (fcfat): Enhancing Firewall Security with Automated Analysis”
Should we be worried? Huawei router …Part II
This is a follow-up of this post… Good. Now we are at par. After getting the router config as in the earlier post, I got to comb through the router config. Interesting things, I tell you. One of the parameters, X_HW_MonitorCollector has a server URL of yjyx.gd.edatahome.com and a tftp port of 6169. As shown above,ContinueContinue reading “Should we be worried? Huawei router …Part II”
Auditing linux , unix OS..in 120 seconds flat
Well, most of us have seen the movie Gone in 60 seconds, so I decided to write a baseline script for auditing linux and most unix operating systems in well under 2 mins – averages about 130 seconds on my test Centos and Red hat distributions. The script is modeled around most of the operating systemContinueContinue reading “Auditing linux , unix OS..in 120 seconds flat”
Huawei HG8245H router “privilege escalation”…Part I
This is a prequel to this post here Well, I got to play around with my router a few weeks ago. My router, a Huawei HG8245H version, is pretty decent for home use. First things first, the login password is smack on the bottom of router as below. Most routers have a well known defaultContinueContinue reading “Huawei HG8245H router “privilege escalation”…Part I”
Lateral movement..Part I
Scenario: you are a normal user in your company’s domain. No admin privileges. Nothing. You can’t even install a program in your machine. What if I told you, that you can be the local administrator on your machine and probably on MANY more in your organization? I am not able to count the number ofContinueContinue reading “Lateral movement..Part I”
Alfie Njeru 