INFOSEC How To Market Yourself As An Information Security Professional Ever wondered how best to market yourself as an infosec professional? In this article we will take some words of wisdom from Dr Seuss on how best to get ahead in the infosec world.
TECHNICAL Blind Stored Cross-Site Scripting In this article, we join security researcher Roy Shoemake to learn what blind Cross-Site Scripting (XSS) is and a couple of ways to test for it.
CYBERSEC HackTheBox Walkthrough : Canape Now that the HackTheBox.eu CANAPE challenge has been retired, security researcher @DRX_Sicher can publish his walkthrough.
INFOSEC Are You Secretly Mining Crypto Currency? You may never know if you are mining cryptocurrency or not these days, join security researcher Roy Shoemake as he explores the wonderful world of stealth cryptomining.
INFOSEC Unboxing India's Data Protection Framework – Part Two of Many Cybersecurity professional Ninad Dhavase takes a further deep dive into India's data protection framework, breaking it down into easily understood chunks.
CYBERSEC HackTheBox - Olympus Write Up The latest in a long line of HackTheBox writeups from security researcher Shaksham Jaiswal who is back with his write up of the Olympus CTF challenge.
INFOSEC DEF CON Groups: What Works in 2018? Thinking about starting your own DEF CON group? Join security researcher Lacey Kasten in an investigation into what works and what doesn't in 2018.
INFOSEC The DOD Has Its Head in the Clouds The Department of Defense spends roughly $38 billion dollars a year alone on information technology that supports two million users and 10,000 operational systems.
CYBERSEC DDoS Boss Learn about the power and strength of botnet driven DDoS attacks with DDoS boss Ryan Jackson, formerly leader of the New Worlds Hackers Group.
INFOSEC SANS Holiday Hack Challenge - Part 2 Part two of security researcher Roy Shoemake's SANS Holiday Hack Challenge, lets take a closer look at the primary technical challenges and overcome them.
INFOSEC SANS Holiday Hack Challenge – Part 1 The Untold Story of the Elves at the North Pole. Giant snowballs are causing destruction at the north pole, find out who the villain is and their motive.
HackTheBox - Canape write-up Canape retires this week, it's one of my favorite boxes on HTB for it's lessons on enumeration and scripting as well as a cool way to privesc. So, let's find our way in!
CYBERSEC HackTheBox - Poison Write Up Poison retires this week at HTB and it has some very cool privesc, plus another way to get into the box which needs us to, ahem, *poison* things.
INFOSEC Hiding In Plain Sight With NTFS Steganography Steganography is the art of hiding data in plain sight, in this article Nihad Hassan takes a closer look at hiding data using the NTFS file system.
CYBERSEC Penetration Testing Scanning 101.2 Part two of the hugely popular Penetration Testing 101 series from security researcher Hozaifa Owaisi, who breaks down network tracing and the tools he uses to scan networks.
CYBERSEC The Secret History Of CRYPTO Learn about the secret history of the word CRYPTO and read about its roots in intelligence gathering and espionage with infosec writer Guise Bule.
INFOSEC Unboxing India's Data Protection Framework – Part One of Many In this article, infosec writer Ninad dissects the Indian Data Protection Framework and breaks it down for us so that we can better understand it.
CYBERSEC The MEGA.nz Chrome Browser Extension Has Been Backdoored (UPDATE) The MEGA.nz Chrome Extension has been identified as backdoored in the newest version. It is stealing credentials for several services like GitHub and Google, which will be sent to an external website.
INFOSEC Infosec Writers Contest Sharpen your pencils and scribble up a storm, you have 3 weeks to submit an article and enter our $1000 writing contest.
TECHNICAL AWS Full Stackin’ w/ aaS This article from security researcher ZuphZuph will teach you about secure SaaS hosting within AWS. Everything here is generalized for the infotech/sec industries.
INFOSEC Black Hats Drive The Infosec Space We pretend that 'black hat' is a dirty term in the infosec space, but half of you would not earn half as much money as you do without them.
INFOSEC Apply For Infosec Jobs Like You Mean It Learn how to apply military strategy to your job hunt and apply for infosec jobs like you mean it, with security researcher Stuart Gentry.
TECHNICAL HackTheBox - Stratosphere Write-up Stratosphere retires this week at HTB. I really liked this box for its awesome privilege escalation (privesc) and the rabbit holes. So without further ado, this is your pilot Minato reporting, looks like there's some turbulence... Lets hit stratosphere!!!
TECHNICAL Web Application Firewall (WAF) Evasion Techniques #3 Uninitialized Bash variable to bypass WAF regular expression based filters and pattern matching. Let's show it can be done on CloudFlare WAF and ModSecurity OWASP CRS3
TECHNICAL Apache Struts2 CVE-2018-11776 POC Learn about the Struts2 Remote Code Execution vulnerability CVE-2018-11776, how to exploit and how to create a Proof of Concept (POC) with docker.
