Tag Archives: security

Password Complexity & Reuse Audit Tool

Weak and reused passwords are a persistent threat, especially after password dumps or internal audits. To help security teams make sense of cracked credential data, I’ve built the Cracked Password Complexity & Reuse Audit Tool that inspects cracked passwords for length, complexity, and reuse patterns. It generates a visual terminal report and an optional CSVContinueContinue reading “Password Complexity & Reuse Audit Tool”

Cisco Configuration File Auditing Tool (ccfat) : Automating Cisco Configuration Audits

Introduction Network security and performance depend heavily on correctly configured devices, especially Cisco routers, switches, and firewalls. A single misconfiguration can introduce vulnerabilities, create inefficiencies, or lead to compliance failures. Manual audits are time-consuming and prone to errors, but automation can change the game. The Cisco Configuration File Auditing Tool offers a seamless way toContinueContinue reading “Cisco Configuration File Auditing Tool (ccfat) : Automating Cisco Configuration Audits”

FortiGate Configuration Files Audit Tool (fcfat): Enhancing Firewall Security with Automated Analysis

Introduction Conducting regular audits of firewall configurations is essential for ensuring compliance, identifying potential security gaps, and maintaining optimal performance. This is where the FortiGate Configuration Files Audit Tool (fcfat) comes into play. Developed to streamline the auditing process for Fortinet FortiGate firewalls, this tool provides an automated way to analyze configuration files, detect misconfigurations,ContinueContinue reading “FortiGate Configuration Files Audit Tool (fcfat): Enhancing Firewall Security with Automated Analysis”

Oracle EBS Security auditing

So this is my attempt to improve on this post I wrote last year and other tests that I find helpful. Whatever is outlined here really is a tip of the iceberg and further tests should definitely be done depending on scope, objectives… Application testing: Controls to test: Default application account credentials Weak application passwordContinueContinue reading “Oracle EBS Security auditing”

Should we be worried? Huawei router …Part II

This is a follow-up of this post… Good. Now we are at par. After getting the router config as in the earlier post, I got to comb through the router config. Interesting things, I tell you. One of the parameters, X_HW_MonitorCollector has a server URL of yjyx.gd.edatahome.com and a tftp port of 6169. As shown above,ContinueContinue reading “Should we be worried? Huawei router …Part II”

Auditing linux , unix OS..in 120 seconds flat

Well, most of us have seen the movie Gone in 60 seconds, so I decided to write a baseline script for auditing linux and most unix operating systems in well under 2 mins – averages about  130 seconds on my test Centos and Red hat distributions. The script is modeled around most of the operating systemContinueContinue reading “Auditing linux , unix OS..in 120 seconds flat”