Category Archives: InfoSec

Security.txt – an Analysis of the Alexa Top 1 Million Domains

Since 2017, there is an IETF draft out there that proposes to implement a security.txt file on webservers so that security researchers have an easy way to get in touch with the company / website owner in case security issues get detected. This is actually a great idea – so I wanted to check how widespread this security.txt already is and reviewed the Alexa Top 1 Million URLs.

Continue reading Security.txt – an Analysis of the Alexa Top 1 Million Domains

Slack-based Intrusion Detection – the easy Way

While huge companies make huge investments in regards to intrusion detection, you can do it for private purposes also the easy and low-cost way.

I want to demonstrate that setting up a baseline logging & notification system is super easy and comes with no additional cost. However, it is still highly effective and could seriously help you to detect malicious actors that were able to get access to your login credentials. My walkthrough below was tested on a standard Kali built but should work on all standard linux systems with openssh-server installed. Continue reading Slack-based Intrusion Detection – the easy Way