"One of my biggest challenges in learning how to pentest was finding systems to test against. I heard that using your neighbors network is “frowned upon”, and hanging out in a Starbucks and pwning your fellow coffee drinkers on the public wifi raises the occasional eyebrow. So what do I do? Build a test environment. "
"The just released CRS v2.1.0 includes Credit Card Tracking rules. These will both track legitimate credit card usage and also prevent full credit card number leakages. Much of the following data was taken from a previous blog post by Ofer Shezaf however many sections have been updated with current ModSecurity and CRS information."
"In a recent blog comment one of you asked about TaoSecurity lab. This is a collection of my own gear -- nothing associated with my corporate employer. I decided to post the diagram at left in case someone found it useful. "