OSINT

TikTok Targeted OSINT Investigations (P1 - User)

You get a new case to investigate and it's a young social media user with no Facebook, no Twitter, just TikTok.

OSINT

Mastodon OSINT: A Comprehensive Introduction

Part one in our series on Mastodon, focused on gathering OSINT from the platform's users, instances and network.

OSINT

OSINT: The Mastodon Paedophile Problem

Mastodon has a major paedophile problem, join computer scientist Edward Charles for a closer look at the pedophilic side of the fediverse.

TECHNICAL

HTB Shibboleth Walkthrough

A technical walkthrough of the HackTheBox SHIBBOLETH challenge from the King of HTB Andy From Italy.

TECHNICAL

Windows Post Exploitation - WDigest Credentials Cache

Learn how to enable WDigest credential caching and Metasploit to retrieve the plain text password of logged-in users.

INFOSEC

What You Overlook In Malware Analysis

When infosec people hear "malware analysis" most jump directly to binary analysis and reverse engineering.

INFOSEC

Unhackable Things: Notes On Formal Verification

Formal verification is all about writing mathematical proofs, which show the correctness (or incorrectness) of a thing.

INFOSEC

A Quick Look At YARA

YARA is a tool aimed at helping malware researchers to identify and classify malware samples.

INFOSEC

CORS – Cross-Origin Resource Sharing – What, how, and why?

Have you ever wondered how API resources can browse safely from domain origins other than the server?

Windows Post Exploitation - Enabling RDP

Learn how to use Windows's vulnerable file-sharing service to enable RDP post-exploitation.

TECHNICAL

HTB Late Walkthrough

A technical walkthrough of the HackTheBox LATE challenge from the King of HTB Andy From Italy.

HTB Meta Walkthrough

A technical walkthrough of the HackTheBox META challenge from the King of HTB Andy From Italy.

HTB Secret Walkthrough

A technical walkthrough of the HackTheBox SECRET challenge from the King of HTB Andy From Italy.

INFOSEC

Supply Chain Attacks

Organizations need to understand the dependencies they're injecting into their networks and applications.

TECHNICAL

The JWT and Base64 Secrets You Need To Know

Welcome to my guide to the JWT and Base 64 secrets you absolutely need to know if you hack.

OSINT

OSINT: Query Your Target System Like A Database

You've run queries on data collection for a long time, but what if your system can also be queried in this way?

INFOSEC

Mastodon: A Social Media Platform Dominated By Pedophiles & Child Porn

Following a Secjuice investigation, it has become clear that Mastodon is a social media platform dominated by pedophiles and most of its content is child porn.

INFOSEC

Is Infosec Really Leaving Twitter For Mastodon?

Is the infosec space really leaving Twitter? We sent our top investigative reporter onto the website known as Twitter to find out!

TECHNICAL

Defender Bypass With .PIF Extensions

Learn a new method for bypassing Windows Defender security mechanisms using PIF extensions.

TECHNICAL

Windows Post Exploitation & Clipboard Manipulation

A lab exercise in Windows post exploitation techniques, covering manipulation of the clipboard.

TECHNICAL

HTB OpenSource Walkthrough

Andy From Italy is back with another epic HackTheBox walkthrough, this time he takes on the OpenSource box.

OSINT

How OSINT Is Used In SIM Swap Scams

Learn how scammers leverage OSINT when running SIM swap scams, and some of their common techniques.

INFOSEC

An Intro To DevSecOps

An introduction to DevSecOps from a fallen comrade who wishes to remain anonymous.

INFOSEC

How to Break into Infosec With Zero Expertise

Want to break into cybersecurity but lack the relevant experience? Learn how in seven easy steps.

INFOSEC

Child Porn Allegations At Patreon After Security Team Fired

Shortly after Patreon dismissed their whole cybersecurity team, allegations of illegal activity and child porn emerge.