INFOSEC The Apperta Data Breach Fiasco The Apperta Foundation seems to be embroiled in a very public data breach fiasco of their own making.
OSINT The Capitol Bomber: Stride, Gait, & Timeline Analysis (OSINT) Immediately after the Capitol riots, the FBI issued the following “Be on the Lookout” or “BOLO” poster seeking information on the individual suspected of placing pipe bombs in the Capitol. The FBI’s
OSINT Research Scanned Documents with Optical Character Recognition Optical Character Recognition (OCR) means that your computer can read words in photos and scanned documents. When you have a document or documents where you want to copy and paste the words into
INFOSEC Secjuice Squeeze 63 Welcome to the Secjuice Squeeze, a lovingly curated selection of interesting security articles and infosec news that you may have missed.
OSINT Book Review: We Are Bellingcat I was intrigued and impressed with Bellingcat's work before I read Elliot Higgins’ book, 'We Are Bellingcat'.
TECHNICAL Understanding Linux Cron Jobs Understanding the tole of Linux cron jobs and how they can help you during penetration tests.
OSINT TryHackMe: KaffeeSec - SoMeSINT TryHackMe's KaffeeSec SoMeSINT box teaches you how to gather social media intelligence on your targets.
TECHNICAL Hacking GraphQL for Fun and Profit (2): Methodology & Examples Part two of our popular series on hacking GraphQL for Fun and profit. In this article we focus on the methodology.
INFOSEC Cybersecurity Advice For Startups Startups are especially vulnerable to any financial shocks, including those caused by organized criminal cyberattacks.
TECHNICAL Recon Basics: Tornado Webserver Tornado is a python webserver framework developed by FriendFeed. It can scale to tens of thousands of open connections, making it ideal for WebSockets.
INFOSEC Secjuice Squeeze 62 Welcome to the Secjuice Squeeze, a lovingly curated selection of interesting security articles and infosec news that you may have missed.
OSINT Searching For A Missing Person: The Most Difficult Kind Of Investigation People searches are the investigations when I tell the client in advance that we cannot guarantee a result.
CYBERSEC Your Web Browser Is A Dinosaur Your web browser is a dinosaur, destined for extinction, and the end is nigh.
Hacking GraphQL for Fun and Profit (1) - Understanding GraphQL Basics Hello everyone, In this Part One of my series on hacking GraphQL I will be going through some basics of GraphQL to understand the technology better, and in Part Two I will hack
INFOSEC Secjuice Squeeze 61 Welcome to the Secjuice Squeeze, a lovingly curated selection of interesting security articles and infosec news that you may have missed.
Client-Side Encryption Bypass (3) Learn how to create a script using the application's encryption logic to fuzz encrypted parameters.
TECHNICAL Attack Defence: Windows Basic Exploitation #6 Learn how to exploit CGI Servlet in Apache Tomcat in part six of basic windows exploitation.
OSINT TryHackMe: Sakura Room Walkthrough Sinwindie's technical walkthrough of the OSINT Dojo's 'Sakura Room' challenge on TryHackMe. Come and play!
TECHNICAL Client-Side Encryption Bypass (2) Part two in Sameer Bhatt's series on client-side encryption bypass.
Nginx Recon Basics Part two of Gurkirat Singh's series on web server reconnaissance, this time focusing on the Nginx web server.
TECHNICAL Gunicorn Recon Basics Part three of Gurkirat Singh's series on web server reconnaissance, this time focusing on Gunicorn.
INFOSEC Secjuice Squeeze 60 Welcome to the Secjuice Squeeze, a lovingly curated selection of interesting security articles and infosec news that you may have missed.
