TECHNICAL Abusing PHP query string parser to bypass IDS, IPS, and WAF Learn how IDS, IPS, and WAFs are vulnerable because of the design limitations of the PHP query string parser.
TECHNICAL Introduction To Serverless Security: Part 3 - Preventing Accidental Deletion Avoid falling victim to the pitfall of accidentally deleting your critical data when using Serverless. Learn how to enable AWS CloudFormation termination protection.
INFOSEC How to Hunt Your Way through Bug Bounties Getting started in bug bounties can be rough. Learn how to get started on the right path.
CYBERSEC Zero Trust Upgrade Your Web Gateway What I like most about this zero trust upgrade model is that I can isolate all the fucks I have to give about the malicious traffic passing through my web gateway.
INFOSEC Balance & Stay Motivated In Infosec Infosec is crazy, it's easy to lose perspective, learn to stay motivated and balanced in a world of dumpster fires.
INFOSEC How To Land A Job In Infosec Learn how to prepare yourself to land that dream job in cybersecurity, differentiate yourself in a crowded job market and stand out from everyone else.
INFOSEC The Lock Picking Hobbyist You never know when you might be arrested for disclosing a vulnerability and have to pull a Houdini to break out of prison in some far flung foreign land.
INFOSEC What Is Doxxing And Why Is It Bad? What is doxxing and why is it bad? Learn about the history of doxxing in the hacking scene and why infosec people wear masks.
TECHNICAL A Guide To x86 Assembly A beginners guide to the X86 Assembly Language, also known as 'assembler', a low level programming language.
INFOSEC Getting Started in InfoSec Want to get started in infosec but don't know how? Check out this beginners guide to the essential knowledge, the right mindset and some fantastic resources.
TECHNICAL Bug Bounty Insider RyanDeveloping takes us on a journey of discovery into the wonderful world of Bug Bounty Programs. Where we learn about the history, best platforms, and how you can get started. Ryan also interviews members of the community about their views.
OSINT New Kids On The Block (Part I) Shodan is considered to be the standard for mass internet OSINT, however in this article n0mad researches alternatives and provides insight to why these tools should be included in your toolset.
CYBERSEC How much do we really know? Jonny B, shares his journey into hacking, where we learn about the challenges he faced, the resources that helped, some of the benefits of certifications, and the importance of Coding.
CYBERSEC Mentoring me, mentoring you Jamie Collier explores the challenges around mentoring in infosec, and how more of us should be providing guidance to all around us.
TECHNICAL Bypass XSS filters using JavaScript global variables In this article, theMiddle discusses the many possibilities to exploit a reflected (or even stored) XSS when there are filters or WAF's protecting the website.
TECHNICAL Three Reasons Developers Hate Updating Programming Languages Why do Developers hate updating Programming Languages? In this article learn why, and gain insight from engineers who have a different viewpoint.
TECHNICAL Attacking Encryption Systems Cryptography is the science of secret writing, its usage dates back to ancient civilizations. It has two main components, encryption and steganography.
ChromeCast Leaks App Data One night I checked my local network for PS4 traffic, instead something else caught my attention. I saw something strange and this is the story of my ChromeCast bug.
CYBERSEC Up & Coming Hackers In this article I pay homage to awesome talent and namedrop my favorite up and coming hackers of 2019. These are a few of my favorite coders and engineers.
CYBERSEC Advice On Developing a Cyber Crisis Management Plan Practical advice for developing a cybersecurity crisis management plan and a closer look at is components.
TECHNICAL Shooting Rubber Bands At Firewalls How to defend against this denial of service attack which can be used to deactivate firewalls from a number of vendors, for less than five dollars.
TECHNICAL Notes On CVE-2019-0708 (RCE 0day) This week a major RCE vulnerability has been spotted in the wild which affects affects a number of Microsoft OS's including Windows 7, Server 2008, Windows 2003 & Windows XP.
INFOSEC A Beginners Guide To The Dark Net & Protecting Yourself When Using It You already know about the surface web, it is the home of websites like Amazon, Google, and YouTube, but have you ever been to the dark web?
INFOSEC Chinese Threat Intelligence: Part Three In part three of Viking Sec's series on Chinese threat intelligence, we look at how China evolved from starving farmers into APT1.
A Hacking Methodology Explainer In this explainer I will attempt to explain hacking methodology in simple terms, because it can often be difficult for infosec outsiders to understand even the most commonly used terms.
