Jun 14, 2020
Posted in blog, Linux, Quick Tips, Tutorial
Welcome back again to another Stealthbay blog. So this week I was trying to setup a LAMP (linux, apache, mariadb, php) setup to test out some web apps. And, I thought I’d post a quick tutorial on what I did to set one up. Hopefully, it helps someone else out there to setup one very quickly using CentOS 8.
Note – I was using CentOS 8 on VMWare 15.5 and noticed there is an issue. Make sure you do not power the machine on right away. Go to the hardware settings on the VM and remove the “autostart.inf” it shows up as a CD/DVD drive. This is the easy install option and it messes up the installation.
Read more Of This Post
Mar 5, 2018
Posted in Information Security, Tutorial, Windows
Bypassing Windows Logon Passwords
Introduction
So I had a friend who had an old laptop sitting around collecting dust at home. He knew I was into computers and asked me if I wanted it. And you know a techie…. when someone throws out free hardware you just can’t complain or say no!!
However, he realized he did not remember his password, and wanted to see what files still were on the machine before he let me have it. He was sure he backed all files up awhile back when he got his new laptop. But, he wanted to be sure, and knowing I am a Security Analyst wondered if I could help him out. So, I went ahead and was able to obtain his password so he could login to delete or save any data he still wanted.
After I completed the task to recover the password, I decided it would make a great blog article to write about.
So here it is…… (more…)
Apr 24, 2017
Posted in blog, Featured, Information Security, Tools, Tutorial
BurpSuite & ZAP Bypass Proxy
I wanted to make this tutorial for users that might get stuck in a similar situation.
I was security testing a website using Burpsuite and would end up with SSL Handshake failures. And, it really made no sense at first since Burpsuite uses Java. And, I had the latest version of Java installed on my machine. Burpsuite was giving me SSL Handshake failure alerts and was asking me to install JCE Strong Cipher policies. Turns out the website was using VERY strong ciphers (which is a very good thing). And, they were using no medium or outdated ciphers.
Now, these ciphers are so strong that even the latest Java package does not contain them….yet.
So that meant I had to find another way to use Burpsuite, but still have the ability to make a proper SSL handshake using the strong ciphers. I then turned to another similar product called OWASP ZAP. This is a great product and I have used it back when I didn’t quite have the funds to purchase Burpsuite. What I realized was that I could use Burpsuite and have ZAP filter my traffic for me. For some reason ZAP has all of the strong ciphers and did not fail the SSL handshake, which meant I could transfer traffic as:
Browser -> Burpsuite -> ZAP -> Webserver
(more…)
Jul 16, 2016
Posted in Quick Tips
Windows 10 Shortcuts
So, I’ve been getting used to Windows 10 and it’s new “style” of how things are done.
I decided to post up some of the shortcuts known for Windows 10.
If you know of any that were missed please feel free to comment.
(more…)
My name is Harry Taheem
I am a Cyber Security Engineer.
My aim is to post things I learn or find interesting and allow others to hopefully gain some more insight. I also plan on posting general IT related issues, as I’d like 
