Paul Asadoorian - Security Podcaster
Paul Asadoorian's Hacker Musings, Security Podcasts, and Nerd Stuff.
  • Home
  • Blog
  • Podcasts
  • How-To
  • Presentations
  • About
  • Contact
Screenshot from 2023-06-01 11-03-29

1 Jun 2023

Paul’s Security News – June 1, 2023

Larry and I were supplied with a handle of Dewars Scotch this week (yea, things go downhill when I am not in the studio all the time). Rather than complain about it (er, okay, we complained about it anyway), we’d make Old Fashioneds. They were pretty good, but not as […]

Continue Reading
By: Paul Asadoorian Paul's Security News
Screenshot from 2023-05-24 13-14-03

24 May 2023

Running Windows Inside Containers On Linux

Summary Learn how to run Windows inside of containers on Linux with Docker, using the VulnHub Lab GitHub repository, which includes a customizable container environment with HTTP web server, Trever C2, Merlin, Akali Linux instance, and vulnerable Linux targets. Highlights

Continue Reading
By: paul@rihackers.com How-To, Security Lab Tags: linux, windows
Screenshot from 2023-05-24 13-10-11

24 May 2023

Linux Post Exploitation

This segment references the following Github repository: https://github.com/SecurityWeekly/vulhub-lab Summary A new GitHub repository, “vulhub lab,” was created for Linux post-exploitation research. The lab includes several vulnerable containers and C2 servers which can be utilized for learning about post-exploitation techniques. Highlights

Continue Reading
By: paul@rihackers.com How-To, Security Lab Tags: linux, post-exploitation
Screenshot from 2023-05-24 13-02-50

24 May 2023

Using WPScan To Find WordPress Vulnerabilities

wpscan is a free tool for scanning WordPress; let’s face it, there are many vulnerabilities in WordPress! This segment will walk you through installing, configuring, and using wpscan. You can find the technical segment write-up here. Summary Learn how to use WPScan to scan WordPress sites stealthily for vulnerabilities and […]

Continue Reading
By: Paul Asadoorian How-To Tags: wordpress, wpscan
Screenshot from 2023-05-24 11-34-51

24 May 2023

Log4j Exploit Step-By-Step

Summary This episode covers the Log4J exploit step-by-step, with a warning to only use the information responsibly. You can download the document referenced in this technical segment here. Highlights

Continue Reading
By: Paul Asadoorian How-To, Security Lab Tags: exploits, log4j
Screenshot from 2023-05-24 11-26-32

24 May 2023

Building Vulnerable Docker Containers (On Purpose)

You can find the code referenced here: https://github.com/SecurityWeekly/vulhub-lab. You can access the slides for this segment here: Building Vulnerable Docker Containers (slides).

Continue Reading
By: Paul Asadoorian How-To, Security Lab Tags: docker, exploits
Screenshot from 2023-05-24 09-29-13

24 May 2023

Scanning For Default Creds With Python – Part 2

Summary This segment discusses Part 2 of the network scanning slackbot, which uses the Python Nmap library to scan a specified network and match manufacturer names, default usernames and passwords, and SSH and HTTP credentials. Highlights

Continue Reading
By: Paul Asadoorian How-To, Vulnerability Scanning Tags: nmap, python
Screenshot from 2023-05-24 09-20-01

24 May 2023

Scanning For Default Credentials With Python

Summary This technical segment discusses creating a Python script to scan a network for default credentials and send notifications through a Slack bot. The initial release is here: https://github.com/SecurityWeekly/netslackbot Highlights

Continue Reading
By: Paul Asadoorian How-To, Vulnerability Scanning Tags: nmap, python
Screenshot from 2023-05-24 08-46-57

24 May 2023

Nmap and Flan Scan Technical Segment

Summary This technical segment covers working with Nmap Vulners and Flan Scan for vulnerability scanning. You can download the instructions for this technical segment here. Highlights

Continue Reading
By: paul@rihackers.com How-To, Vulnerability Scanning Tags: docker, nmap
hypecycle

19 May 2023

The Vulnerability Hype Cycle

I’m certain this has been written about before. I believe it’s worth laying out again. This month I will have covered information security for 17 years. The vulnerability hype cycle has not changed. While I do not have all the answers, I do have confidence in our community that we […]

Continue Reading
By: Paul Asadoorian Vulnerability Management

Articles

  • Podcast Gear Recommendations
  • Podcasts I listen to
  • Book recommendations
  • Podcasts I've Appeared On
  • My PC Build

Tweets by securityweekly

© Paul Asadoorian - Security Podcaster 2025