• Services
    • Web App Penetration Testing
    • Mobile App Penetration Testing
    • Web 3 Penetration Testing
    • Cyber Investigation Services
    • Tech Audit (Due Diligence)
    • GDPR Tech Assessment
    • Pentesting-as-a-Service
    • Security Testing Training
    • Phishing Simulation
  • About us
  • Partnership
  • Resources
    • Blog
    • Case Studies
    • FAQ
    • WHOIS
    • Knowledge Center
MENU
  • Security Practices
    • Transport Security
      • SSL Configuration Testing
      • Setting up SSL
      • Configure SSL for Windows
      • Configure SSL for nginx
    • Firewalls
      • Attack Surface Reduction
      • Configure iptables on Linux
    • Brute force protection
      • Brute force attacks
      • Fail2ban
      • Test Protection
    • Android and APK Analysis
      • Intercepting HTTPS Traffic on Android emulator
      • Setting Up an Android Device for Root Access and HTTPS Traffic Interception via Burp Suite
      • Extract APKs from a physical Android device
    • Web Server Config
      • Setting up Nginx Server
      • Setting up XSSHUNTER
    • Cyber OSINT
      • OSINT TOOLS 2025
      • Advanced OSINT
    • Pentest Tools & Scanning
      • Useful Burp Extensions
      • Metasploit: Scanning a Website with Wmap
      • Greenbone OpenVAS installation
    • Exploitation
      • CVE-2014-6271 (Shellshock)
      • CVE-2007-1860: Double Decoding mod_jk
      • CVE-2016-0792: XStream Deserialization in Jenkins
      • CVE-2016-10033: PHPMailer RCE
      • Pickle Code Execution
      • XMLDecoder Deserialization
      • ECB Cipher Authentication Bypass
      • RCE with PostgreSQL Extensions
    • Cheatsheets
      • Nmap Cheatsheet
      • Tcpdump Cheatsheet
      • Lsof Cheatsheet
      • Web Basics
      • Essential Unix Commands
      • HTTP Requests
      • Wireshark
      • Advanced Nmap scanning

Security practices

This block is an attempt to share our security expertize to make the cyber world more safely. Don't hesitate to ask our help if any questions or issues.

In this section you can find how to:

  • Secure SSL/TLS on your servers
  • Configure firewalls
  • Protect against brute-force attacks
  • Android and APK Analysis
  • Setting up Nginx Server
  • OSINT Tools 2025
  • Useful Burp Extensions
  • CVE-2014-6271 (Shellshock)
  • Cheatsheets
  • etc...