Insider threat is one of the most sensitive and hardest security issue for organizations to prepare for as violations carried out by…

PtH เป็นการโจมตีเครือข่ายประเภทหนึ่ง โดยผู้โจมตีจะขโมยรหัสผ่านของผู้ใช้ที่ถูกเข้ารหัส (password hash)…

My Personols Noots so I dont forget |Pen Testing|

Active Directory Certificate Services (AD CS) is a critical component within the Microsoft Windows Server ecosystem, providing Public Key…

Have you reserved your seat yet?

👉 What’s happening in cybersecurity today?

In an era defined by digital innovation and connectivity, the imperative to prioritize cybersecurity has become a foundational element of…

In the relentless realm of cybersecurity, where threats lurk in the shadows and the digital landscape is ever-changing, maintaining a…

TryHackMe — Brute Forcing [ Baby, It’s CeWLd Outside ] — The team detects a malicious actor using an employee account to access an…

Today, we see the release of various vulnerabilities in various programs. If you’re a security researcher, you’re probably tempted to work…

Presenting capabilities of DefectDojo in context of Vulnerability Management for DevSecOps and traditional application security engineers.

Hi Hackers, I’m Mostafa Elguerdawi.

In the ever-evolving landscape of digital threats, SIM swap attacks have emerged as a significant concern, posing risks to user accounts…

In the ever-expanding digital landscape, the rise of SIM swap attacks has become a formidable threat, particularly targeting vocal…

WMAP (Web Application Mapping and Penetration Testing) is a module within the Metasploit Framework that is used to identify and exploit…

This is an intermediate box on Offsec’s PG Practice but the community has rated it ‘Very Hard’.

Room: Advent of Cyber 2023 Day 4

Within the massive list of subdomains for my target, as mentioned earlier, I found some WordPress sites. even stumbled upon that CVE for user enumeration, but by now, it’s likely already been…

Demonstration of SSL stripping and how to mitigate it by setting Strict Transport Security.

How CISA’s “secure by design” is NOT hypocritical, despite agencies hording zero days — and what the campaign is REALLY trying to do.