Browsers

The site uses SSL and the Strict-Transport-Security HTTP header is not defined

Nikto output The site uses SSL and the Strict-Transport-Security HTTP header is not definedRead More »

Hardening Google Chrome (on Windows)

Steps to harden Google Chrome: Updating Google Chrome Review best practices Configure Group Policy settingsRead More »

X-Frame-Options header is not set

You probably gonna find this issue in your manual browsing and spidering phase of your assessment. But also Nessus will report this issue during your scanning phase.Read More »

MS15-124: Cumulative Security Update for Internet Explorer (3116180)

Nessus Output ASLR hardening settings for Internet Explorer in KB3125869 have not been applied. The following DWORD keys must be created with a value of 1: - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_USER32_EXCEPTION_HANDLER_HARDENING\iexplore.exe - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_USER32_EXCEPTION_HANDLER_HARDENING\iexplore.exeRead More »

Hardening Internet Explorer

Resources used to implement and audit Internet Explorer:Read More »

Check Internet Explorer version

Objective: According to Microsoft announcement: Support for older versions of Internet Explorer ended on January 12th, 2016, you should verify you Windows systems to the latest Microsoft Support Lifecycle statements.Read More »