Hi, I’m Eric. I’m technical director @enginsightcom with deep interest in it security.
Eric Range

Upgrade to Debian 12 (Bookworm)

Upgrading your Debian system to the latest stable release is an essential task to keep your system secure, up-to-date, and running smoothly. With the release of Debian Bookworm, you might […]

Inodes in Linux

When it comes to managing files and data on your computer’s storage system, you may have come across the term “inode.” Inodes play a crucial role in filesystems like ext4, […]

NodeJS: console.error vs console.trace

Node.js is a popular JavaScript runtime that allows developers to run JavaScript code on the server side. One of the tools that developers use to debug their Node.js applications is […]

Bruteforce WordPress via XML-RPC

WordPress has become increasingly resistant to bruteforce attacks in recent years. Plugins like “Jetpack” and etc. complicate the automatic bruteforcing by additional security queries more and more. In addition, the […]

Vertical align anything with just 3 lines of CSS

With just 3 lines of CSS (excluding vendor prefixes) we can with the help of transform: translateY  vertically center whatever we want, even if we don’t know its height. The CSS property transform is usally […]

Tor Country Codes

Entry and exit nodes can be configured in Tor on a country-by-country basis. This allows Tor to use certain servers in other countries, so you can bypass web restrictions in […]

A never ending story, SHA-1!

What is SHA-1? Secure Hash Algorithm 1 (SHA-1) is a cryptological hash function. It is used to calculate a verification value for any digital data and is, among other things, […]

Raspberry Pi 4 Shutdown: Trouble Shooting

If you ever do a rpi-update on your Raspberry Pi 4, it may occur that the shutdown process do not work anymore as expected, due to the newer firmware version. […]

Disable Wi-Fi and Bluetooth on Linux

Ubuntu 20.04 Navigate to: Add following lines: And reboot: Raspbian (Buster) Navigate to: Add following lines: And reboot:

Venom.sh

Today I implemented a few techniques to detect common web-based attacks and came across the following Nginx access log entry. I immediately spotted the command injection attempt but didn’t pay […]