❌

Reading view

Testing TLS and CertificatesΒ 

Pentest reports sometimes include bad information under a heading like, β€œWeak TLS Configuration” or β€œInsecure SSL Certificates.” This article will explain how TLS is supposed to work, common ways it […]

The post Testing TLS and CertificatesΒ  appeared first on Black Hills Information Security, Inc..

  •  

Finding: Server Supports Weak Transport Layer Security (SSL/TLS)

David Fletcher// The following blog post is meant to expand upon the findings commonly identified in BHIS reports. Β The β€œServer Supports Weak Transport Layer Security (SSL/TLS)” is almost universal across […]

The post Finding: Server Supports Weak Transport Layer Security (SSL/TLS) appeared first on Black Hills Information Security, Inc..

  •  

Juniper Two Factor VPN & Linux

David Fletcher // On a recent internal penetration test engagement, I was faced with using a Juniper VPN to access the target network. One small problem, Juniper does not formally […]

The post Juniper Two Factor VPN & Linux appeared first on Black Hills Information Security, Inc..

  •  

TestSSL.sh –Assessing SSL/TLS Configurations at Scale

David Fletcher // Have you ever looked at Nessus scan results to find the below in the output? Recently I was on engagement and encountered just this situation. Β I found […]

The post TestSSL.sh –Assessing SSL/TLS Configurations at Scale appeared first on Black Hills Information Security, Inc..

  •  
❌