Perform a Nessus scan via port forwarding rules only

This post will be a bit different from the usual technical stuff, mostly because I was not able to find any reliable solution on Internet and I would like to help other people having the same doubt/question, it's nothing advanced, it's just something useful that I didn't see posted before. During a recent engagement I found myself in a strange network position. I had to perform a Nessus credentialed and patch checks on some Windows server, I was in a vLAN...

VPN Leak

(Edited on 06/04: in order to reflect the actual situation)

TL:DR: VPN leaks users’ IPs via WebRTC. I’ve tested hundred VPN and Proxy providers and 19 of them leaks users’ IPs via WebRTC (16%)

You can check if your VPN leaks visiting: http://ip.voidsec.com Here you can find the complete list of the VPN providers that I’ve tested: https://docs.google.com/spreadsheets/d/1Nm7mxfFvmdn-3Az-BtE5O0BIdbJiIAWUnkoAF_v_0ug/edit#gid=0 Add a comment or send me a tweet if you have updated results for any of the VPN which I am missing...

Bulletproof Hosting

So che la pubblicazione di questo articolo è arrivata enormemente in ritardo rispetto alle mie promesse, vi accorgerete però leggendolo quanto lavoro di ricerca ci sia dietro a queste informazioni.

Cos’è un Bullet Proof Hosting?

ISP, compagnie di hosting o fornitori di servizi online che permettono al cliente di “pubblicare” online qualsiasi tipo di contenuto. Solitamente molti servizi hanno dei Termini di Servizio (ToS) che non permettono al cliente di caricare determinati contenuti, impedendo, di fatto, l’uso del servizio; sospendendo l’account...