Jun 14, 2020
Posted in blog, Linux, Quick Tips, Tutorial
Welcome back again to another Stealthbay blog. So this week I was trying to setup a LAMP (linux, apache, mariadb, php) setup to test out some web apps. And, I thought I’d post a quick tutorial on what I did to set one up. Hopefully, it helps someone else out there to setup one very quickly using CentOS 8.
Note – I was using CentOS 8 on VMWare 15.5 and noticed there is an issue. Make sure you do not power the machine on right away. Go to the hardware settings on the VM and remove the “autostart.inf” it shows up as a CD/DVD drive. This is the easy install option and it messes up the installation.
Read more Of This Post
Apr 14, 2020
Posted in blog, Cloud, Encryption, Featured, Information Security, Quick Tips, Windows
Azure Security Best Practices – Part 1
Hello and welcome again!
This time around, I’ve decided to make this
blog post as a Part 1 of many several parts that will be released. There
is just too much Azure security information to put up in a single post. So, my
plan is to make multiple posts over time.
Azure has many great security features that not everyone may be aware of right from the start. This post will focus on some key areas of Azure, and how it can better enhance the security of the environment. Key focus will investigate security best practices for Azure.
Read more Of This Post
Feb 5, 2017
Posted in cheatsheets, Quick Tips, Tools
Default Passwords for IP Cameras
So, I decided to post a list of default passwords for most IP camera’s. I will try to update this list as specifications change or are added over time.
This list is very useful for conducting penetration testing. I’ve found that many camera devices will either not ask the user to “create” a password or a “new” non-default password. The camera I ended up purchasing for testing ended up asking and forcing the users to enter a new password upon setup.
(more…)
Jan 12, 2017
Posted in Encryption, Quick Tips, Reviews, Tools
SSL Scanning Websites
So today, I came across a website that does a quick SSL test on your website.
Anyone with a website should really be running this tool. I actually did find a few minor issues and was able to gather some info about it.
Our Results
Here is what we got for our results:
whynopadlock
It’s looking good for us and especially since we have forced all our internal links to make use of HTTPS
I also wanted to list a bad result as shown below.
(more…)
Dec 12, 2016
Posted in Encryption, Information Security, Quick Tips, Tutorial
HTTPS Site Wide
So, I wanted to write up a quick tutorial on using HTTPS globally or on certain directories of a website.
I had a friend asking me about how they could force HTTPS throughout their whole website. So, I listed a tutorial below to do so and he was able to accomplish HTTPS site wide.
Now, there are multiple ways this can be achieved. In the case of my friend he was on a shared hosting web server. Therefore, shared webhosting users normally will not have access to modify the apache config files.
So that leaves us with a simple solution (htaccess) that all users can make use of fairly easily. All it required is a file edit or creation of a file and the ability to FTP or upload it to your web root directory.
What is an htaccess file?
(more…)
My name is Harry Taheem
I am a Cyber Security Engineer.
My aim is to post things I learn or find interesting and allow others to hopefully gain some more insight. I also plan on posting general IT related issues, as I’d like 
