Assigning a CVE ID to Zero-Day Vulnerability
When a researcher finds a new vulnerability in a software product, it's advisable to first notify the company responsible for the product and give them time to fix the identified vulnerabilities. I've found multiple vulnerabilities in the pfSense firewall and reported them to the pfSense security team. They were ...
Automatically backup Pfsense configuration files
Introduction: If you're using pfSense as your firewall solution, then you've surely wondered about keeping your configuration files backed up. Normally, you have to go to Diagnostics - Backup/Restore to back up the configuration files manually, as shown in the picture below. But we're all aware that manual ...
Implementing OWASP ZAP Full Layout
Introduction to Full Layout: In this article I'll present how I implemented the Full Layout in OWASP ZAP. Since I'm always using ZAP on small screens, there just isn't enough space to actually make use of the two layouts that are available in ZAP: the “Maximize left ...
Naxsi - The Web Application Firewall for Nginx
Introduction: In this tutorial we'll present the naxsi Nginx module, which provides a WAF (Web Application Firewall) for any application running behind the Nginx web server. It works by inspecting HTTP requests and matching them against the malicious-pattern rules in naxsi_core.rules. If a match is found, the malicious request is blocked ...