🦑𝐅𝐑𝐄𝐄 𝐑𝐄𝐒𝐎𝐔𝐑𝐂𝐄𝐒 - 𝐁𝐋𝐀𝐂𝐊 𝐇𝐈𝐋𝐋𝐒 𝐈𝐍𝐅𝐎𝐑𝐌𝐀𝐓𝐈𝐎𝐍 𝐒𝐄𝐂𝐔𝐑𝐈𝐓𝐘

Check out Black Hills Information Security for top-notch cybersecurity content created by experts in the field. Their informative and engaging videos cover a range of topics, from the latest threats and vulnerabilities to strategies for protecting your systems and data.

👉 𝗕𝗨𝗜𝗟𝗗 𝗬𝗢𝗨𝗥 𝗛𝗢𝗠𝗘 𝗟𝗔𝗕
🌟 How to Build a Home Lab for Infosec - Ralph May
http://ow.ly/ynS650NKLlS

👉 𝗡𝗘𝗧𝗪𝗢𝗥𝗞 𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬
🌟 Networking for Pentesters: Beginner - Serena D.
http://ow.ly/CpgS50NKLlZ

👉 𝗣𝗘𝗡𝗧𝗘𝗦𝗧𝗜𝗡𝗚
🌟 Introduction to Pentesting - Mike Felch
http://ow.ly/RVWX50NKLm0

🌟 Pentester Tactics, Techniques, and Procedures TTPs - Chris Traynor
http://ow.ly/BnMK50NKLlK

👉 𝗪𝗘𝗕 𝗔𝗣𝗣𝗟𝗜𝗖𝗔𝗧𝗜𝗢𝗡 𝗔𝗡𝗗 𝗕𝗨𝗥𝗣 𝗦𝗨𝗜𝗧𝗘
🌟 Getting Started with Burp Suite & Webapp Pentesting - BB King
http://ow.ly/7yv750NKLlP

🌟 Modern Webapp Pentesting: How to Attack a JWT - BB King
http://ow.ly/F37650NKLlQ

🌟 Basics of Burp(ing) for Testing Web App Security - Chris Traynor
http://ow.ly/nvMO50NKLlW

👉 𝗜𝗠𝗣𝗥𝗢𝗩𝗘 𝗬𝗢𝗨𝗥 𝗣𝗘𝗡𝗧𝗘𝗦𝗧 𝗥𝗘𝗣𝗢𝗥𝗧𝗦
🌟 Things NOT to Do in Pentest Reports - Bronwen Aker
http://ow.ly/g3KP50NKLlV

👉 𝗥𝗘𝗗 𝗧𝗘𝗔𝗠𝗜𝗡𝗚
🌟 Atomic Red Team Hands on Getting Started Guide - Carrie & Darin Roberts
http://ow.ly/mzfG50NKLm2

🌟 OPSEC Fundamentals for Remote Red Teams - Michael Allen
http://ow.ly/sni250NKLlN

👉 𝗖𝗟𝗢𝗨𝗗 𝗣𝗘𝗡𝗧𝗘𝗦𝗧
🌟 Get your head in the Clouds - Sean Verity
http://ow.ly/m4aM50NKLlI

🌟 Azure Console Pivoting 101 - Stephen Borosh
http://ow.ly/foGR50NKLlJ

🌟 Securing AWS Discover Cloud Vulnerabilities - Beau Bullock
http://ow.ly/pUyH50NKLlY

👉 𝗪𝗘𝗕𝟯
🌟 Getting Started in Blockchain Security and Smart Contract Auditing - Beau Bullock
http://ow.ly/YSLC50NKLlO

🌟 Demystifying Web3 Attack Vectors - Beau Bullock & Steve Borosh
http://ow.ly/sWrv50NKLlT

👉 𝗝𝗢𝗕 𝗛𝗨𝗡𝗧𝗜𝗡𝗚
🌟 How to Hunt for Jobs like a Hacker - Jason Blanchard
http://ow.ly/pzik50NKLlX

🌟 Infosec Job Hunting (Part 1)
http://ow.ly/4THW50NKLm1

👉 𝗕𝗢𝗡𝗨𝗦
🌟 Have fun with the PROMPT# Zines
http://ow.ly/BYt450NKLlU

Post Credit : Gabrielle
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑The Ultimate IDOR Testing Checklist!

Are you testing for Insecure Direct Object References (IDOR) vulnerabilities? Here's a detailed checklist to ensure nothing slips through the cracks.

This comprehensive list covers everything from:
✅ Testing parameter pollution
✅ Exploring API versions and extensions
✅ Swapping GUIDs with numeric IDs
✅ Bypassing 403/401 responses
✅ Blind IDORs and chaining with XSS for account takeovers

Whether you're a bug bounty hunter, pentester, or security enthusiast, this checklist will help you uncover those hidden vulnerabilities and secure applications effectively.

Ref: Amit Kumar
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑"Interview Simulation For Cybersecurity Analyst Position (L1, L2, L3) From Various Background Complete With ATS Resume Examples". In this document, I have prepared six different career backgrounds for individuals seeking a cybersecurity analyst role, whether they are transitioning from another field or moving from L1 to L2 or L3 positions. Additionally, I have provided interview simulations for each job application, along with tailored ATS-optimised resumes.

🦑User Automation Process Using CSV:

1- Create the CSV Script
Begin by creating a CSV file with the following headers:
{DN,ObjectClass,SamAccountName,UserPrincipalName,Description,UserAccountName,DisplayName}
2- Fill in the Data
Below the headers, enter the required user details. Each line should represent a user in this format:
{"CN=User1,OU=IT,DC=company,DC=com",user,User1,user1@company.com,"IT Specialist","User1",514,"User One"
"CN=User2,OU=Sales,DC=company,DC=com",user,User2,user2@company.com,"Sales Representative","User2",514,"User Two"}
3- Save the File
Once all user data is filled in, save the file with a .csv extension
Example filename: users.csv
4- Import the Users
To import the users, open PowerShell and run the following command
{csvde -i -f "C:\path\to\your\users.csv"}
5- Enable the Accounts
After importing, all accounts will be disabled by default. To enable them:
Reset their passwords.
Use PowerShell commands to enable the accounts.

Mossad Hamady
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Ngrok – Simplified Tunneling.

ngrok is a game-changing tool that bridges the gap between your local machine and the online world by exposing local servers to the internet through secure tunnels.

🔑 What Makes Ngrok a Must-Have Tool?

1️⃣ Simplified Local Tunneling
Ngrok allows you to expose a local server to the internet in seconds. Say goodbye to complex port forwarding configurations or NAT headaches.

2️⃣ Secure Tunnels
With built-in TLS encryption, Ngrok ensures your data travels securely between endpoints. No more worrying about unencrypted connections when demonstrating or testing sensitive applications.

3️⃣ Dynamic Subdomains
Easily share your application with temporary, unique URLs that expire after use. Perfect for one-time demos or testing.

4️⃣ Webhook Testing Made Easy
Debugging webhook integrations has never been simpler. Ngrok allows you to view detailed request logs and replay them for testing.

5️⃣ Remote Collaboration
Showcase your development or simulations to remote teams without deploying to production. Whether it’s a cybersecurity simulation or an app prototype, Ngrok is your go-to solution.

🔧 How to Get Started with Ngrok

1️⃣ Install Ngrok

Download and install Ngrok from the official website:
👉 https:// ngrok.com /download

For Linux, run:

sudo apt install ngrok

2️⃣ Sign Up for Free or Pro Plan

Ngrok’s free plan offers basic tunneling, while the Pro plan unlocks advanced features like custom subdomains and reserved addresses.

3️⃣ Expose Your Local Server

Run your local app (e.g., on port 5000):

python -m http.server 5000

Start the Ngrok tunnel:

ngrok http 5000

Ngrok will generate a public URL (e.g., https://1234.ngrok.io) that maps to your local server. Share this URL to let others access your app!

🌍 When You Need a Public IP

Ngrok is great for quick and easy access to your local applications, but for real-world penetration testing, you’ll eventually need a dedicated public IP address for activities like remote shell connections or long-term access.

Personally, I use AWS servers to run my virtual machines with public IP addresses. AWS provides an ideal environment for hosting pentesting tools, enabling you to maintain persistent access during engagements.

For example:

• If you’re delivering a reverse shell, having a public IP is crucial to ensure the shell connects back to your system.
• AWS Elastic IPs make it easy to assign a static public IP, which is highly reliable for pentesting setups.

Have you used AWS servers or Ngrok in your pentesting or development setups? 🚀

Andrew P.
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Just Released: A comprehensive Active Directory threat hunting tool that makes detecting suspicious activities easier than ever!

✨ Key Features:
• Real-time attack detection
• Advanced timing analysis
• Pattern recognition
• Multi-format reporting (CSV/JSON/HTML)
• Built-in attack simulation

🔍 Detects:
• Password spray attacks
• Brute force attempts
• Account lockouts
• Off-hours activity
• Geographically impossible logins
• Service account misuse
• Admin account abuse

⚡️ Smart Analysis:
• Time-based attack correlation
• Activity pattern matching
• User behavior analysis
• Configurable business hours
• Customizable thresholds

🧪 Includes Test Framework:
• Simulate various attack scenarios
• Validate detection capabilities
• Test environment readiness
• Verify audit policies

🚀 Get started: https://lnkd.in/gbuaaswB

Michael H.
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Free AD-ThreatHunting

🦑𝑾𝒊𝒏𝒅𝒐𝒘𝒔 𝑳𝒐𝒈𝒈𝒊𝒏𝒈 𝑪𝒉𝒆𝒂𝒕 𝑺𝒉𝒆𝒆𝒕 🛡

Effective logging is the cornerstone of a robust security posture. This "Windows Logging Cheat Sheet" is designed to guide you in setting up essential Windows 𝐀𝐮𝐝𝐢𝐭 𝐏𝐨𝐥𝐢𝐜𝐢𝐞𝐬 and 𝐋𝐨𝐠𝐠𝐢𝐧𝐠 to kickstart your Log Management Program.

🦑Critical Security Bug in Meta Ecosystem – Zero-Click Account Takeover 🔒

As cybersecurity researchers, my buddy Musawer Khan and I uncovered a Zero-Click Account Takeover (ATO) vulnerability in Meta's ecosystem. This vulnerability involved chaining two endpoints—one being a password reset URL that was indexed on platforms like URLScan and Wayback Machine. These URLs should ideally expire after a reasonable timeframe, yet they remained active and exploitable.

Impact:
1. Without requiring any user interaction (zero-click), we were able to gain unauthorized access to multiple accounts by chaining an endpoint and a password reset link.
2. This demonstrates a serious flaw in how reset links are managed, as they should expire promptly to mitigate potential misuse.

Despite providing a detailed proof-of-concept (PoC) showcasing the exploit, Meta Meta Facebook security team declined to classify this as a vulnerability under their bug bounty program, stating that the URLs were publicly exposed before indexing. However, the persistence of these sensitive URLs and the ability to exploit them points to a systemic issue.

Our Responsibility:
As responsible researchers, Musawer Khan and I ensured that all live URLs were expired from our side before disclosing the findings publicly. Our goal is to raise awareness about the importance of securing password reset mechanisms and ensuring that sensitive URLs are time-bound and properly invalidated.

Key Takeaways:
Password reset URLs should automatically expire after a short duration or after first use.


Mohaseen Katika
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Security Bug in Meta Ecosystem – Zero-Click Account Takeover

🦑 Evade Kaspersky Total Security and Trend Micro Maximum Security and Windows Defender, tested on Windows 10 & 11. Using the following techniques.

💡Load custom DLL (API.dll) to obfuscate API calls.

💡AES encryption to obfuscate shellcode

💡Decrypt shellcode in memory to prevent static detection

💡Allocate & execute shellcode with VirtualProtect to bypass memory protection

🦑4 FREE projects provided by the NSA.
Courses include lab files, links, and step-by-step guides.

1. NSA NCCP Course: Network Penetration Testing
-https://lnkd.in/gGcea5KN
-Modules Include: Introduction to Penetration Testing, Reconnaissance, Scanning, Exploitation, Password Attacks, Wireless Security

2.NSA NCCP Course: Digital Forensics
-https://lnkd.in/gM7YDxyH
-Modules Include: Introduction to Digital Forensics, First Response and Investigation, Digital Forensics Investigation Steps, Introduction to File System, Memory/Live Forensics, Tools for Filesystem Investigation

3.NSA NCCP Course: Computer Security
-https://lnkd.in/g6EDzaYE
-Modules Include: Intro to Computer Security, User Authentication, Cryptographic Tools, Malware, DOS Attacks, Buffer Overflow, Intrusion Detection, Access Controls

4. NSA NCCP Course: Machine Learning for Cybersecurity
-https://lnkd.in/gc95XzUX
-Modules Include: Creating a Safe Lab Environment, File Formats, The Windows API, Automated Sandboxes, Monitoring Tools, Malware Delivery Mechanisms, Basic Analysis Techniques, Detecting Packers and Code Obfuscation.

Ref: Mohamed Hamdi
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑100 web vulnerabilities list

🦑Find Hidden Endpoint with JS Bookmark

Ref: Sin4Yeganeh

🦑 100 Free Security Tools for Ethical Hackers and Forensic Investigators 🔍
Are you passionate about ethical hacking, digital forensics, or cybersecurity?
I’m excited to share a free PDF resource containing 100 security tools designed for:
✅ Ethical hackers
✅ Forensic investigators
✅ Cybersecurity enthusiasts


» This comprehensive guide includes tools for:
Digital Forensics: Autopsy, Sleuth Kit, Magnet AXIOM
Network Analysis: Wireshark, NetworkMiner, Tcpdump
Memory Forensics: Volatility, Rekall, Memoryze
OSINT and Recon: Shodan, Maltego, OSINT Framework
Data Recovery: TestDisk, PhotoRec, Scalpel
Whether you’re analyzing malware, securing networks, or investigating incidents, this toolkit is a game-changer for professionals and learners alike.

Ref: NADJIB BOUKERROUNI
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 IP Threat Analysis: Exposing Malicious Activities Linked to IP 198.1.82.225

Explore a concise cyber threat intelligence report on IP address 198.1.82.225, flagged for spam, hacking attempts, and Trojan-Dropper malware activities. This report highlights key findings, behavioral insights, and actionable strategies to fortify cybersecurity defenses.

🚨 Key Threats Identified
IP: 198.1.82.225
Categories: Email Spam, Brute-Force Attacks, Malware Deployment
🛠 Detection Tools Used: VirusTotal, Criminal IP
💡 Actionable Recommendations: Block the IP, enhance monitoring systems, and conduct regular security audits.

Ref: Faiz Vazir
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁