Firewalld Rich Rules basics

This tutorial will help you to get started with the firewalld configuration. Basics on zones and rich rules are presented.

What we do

The shell provisioner will ensure that firewalld and curl are installed on all hosts. For “host_protected” the provisioner will also install nginx for demo purposes. Furthermore, the firewall will be configured on “host_protected”.

Every host has two interfaces: NAT (enp0s3) and host-only (enp0s8). The provisioner will not touch the NAT interface (zone: public) rules! Only the host-only interface (zone: home) rules will be modified!


Here are all needed files…

Please add your values for box name/url!


Note: before you destroy the Vagrant environment, have a look at the zone XML files for “host_protected”!

TCP port scanner Brutescan

Brutescan is a fast and noisy TCP port scanner written in Go.


Configure Go (for user)

Install brutescan


Tiny SSH audit

I wrote a bash script that makes the SSH server configuration audit a little bit easier. Here is a description of its usage. The repository can be found here.


The output is self-explanatory. If you need more details, just run the following command.

Install and configure Fail2Ban on CentOS 7

This tutorial presents the minimum SSH protection on CentOS 7 by Fail2Ban (without e-mail).



Ready for startup

Check status


Install Pappy Proxy on CentOS7

Pappy Proxy (Proxy Attack Proxy ProxY) is an open source intercepting proxy for performing web application security tests. It is similar to BurpSuite, ZAP and so on. The benefit is the command line!


Prepare a project

Note: By default the proxy runs on port 8000, bound to localhost. To change this, you need to modify the config.json. For more information read the docs.

Install w3af on Debian (Jessie)

W3AF is a free Web Application Attack and Audit Framework. This tutorial shows how to install w3af on Debian 8.6 (not via the Debian package w3af-console).


Install and run w3af

Note: read the user guide on

Install v3n0m on Debian (Jessie)

V3n0m is a free penetration scanner. This tutorial shows how to install v3n0m on Debian 8.6.


Install and run v3n0m


Have fun but be careful!

Install YAWAST on Debian (Jessie)

This time I show YAWAST (Antecedent Web Application Security Toolkit) on Debian 8.6. YAWAST performs basic checks for penetration testers and security auditors.

System preparation

Install YAWAST


There is more! Read the documentation on GitHub adamcaudill/yawast.