CTF Apache Struts2 CVE-2018-11776 POC Learn about the Struts2 Remote Code Execution vulnerability CVE-2018-11776, how to exploit and how to create a Proof of Concept (POC) with docker.
CYBERSEC Cryptocurrency Double Spending An introduction to cryptocurrency and a closer look at double spending, one of the many attacks affecting the security of some cryptocurrencies.
CYBERSEC Passwords & Human Psychology The problem with humans is that we want to protect our data but are not willing to make any effort to protect it, a good example is the passwords we choose.
CYBERSEC Mobile Infosec Challenge Walkthrough Infosec Mobile CTF - The goal of this challenge is to extract encrypted data plus its secret from a database embedded inside the application.
CYBERSEC Does it Equate? Does it equate? - Lets take a closer look at the most advanced threat actor we have seen, the Equation Group.
CYBERSEC How The Air Gap Got Its Groove Back The idea of using an air gap for cybersecurity is an old idea, it harks back to the good old days when we weren’t paranoid about being hacked through the air.
CYBERSEC Four Areas That I Evaluate During An Information Security Interview Got an infosec interview coming up? In this article Ninad D talks us through the four areas that he evaluates during an interview conversation.
CYBERSEC Sideloading (Re-Sign) An iOS App To Install On A Jailed Device In this article Roy Shoemake walks us through the process and shows us how to install an IPA binary onto a jailed iOS device (aka sideloading).
INFOSEC How To Market Yourself As An Information Security Professional Ever wondered how best to market yourself as an infosec professional? In this article we will take some words of wisdom from Dr Seuss on how best to get ahead in the infosec world.
TECHNICAL Blind Stored Cross-Site Scripting In this article, we join security researcher Roy Shoemake to learn what blind Cross-Site Scripting (XSS) is and a couple of ways to test for it.
CYBERSEC HackTheBox Walkthrough : Canape Now that the HackTheBox.eu CANAPE challenge has been retired, security researcher @DRX_Sicher can publish his walkthrough.
INFOSEC Are You Secretly Mining Crypto Currency? You may never know if you are mining cryptocurrency or not these days, join security researcher Roy Shoemake as he explores the wonderful world of stealth cryptomining.
INFOSEC Unboxing India's Data Protection Framework – Part Two of Many Cybersecurity professional Ninad Dhavase takes a further deep dive into India's data protection framework, breaking it down into easily understood chunks.
CYBERSEC HackTheBox - Olympus Write Up The latest in a long line of HackTheBox writeups from security researcher Shaksham Jaiswal who is back with his write up of the Olympus CTF challenge.
INFOSEC DEF CON Groups: What Works in 2018? Thinking about starting your own DEF CON group? Join security researcher Lacey Kasten in an investigation into what works and what doesn't in 2018.
INFOSEC The DOD Has Its Head in the Clouds The Department of Defense spends roughly $38 billion dollars a year alone on information technology that supports two million users and 10,000 operational systems.
CYBERSEC DDoS Boss Learn about the power and strength of botnet driven DDoS attacks with DDoS boss Ryan Jackson, formerly leader of the New Worlds Hackers Group.
INFOSEC SANS Holiday Hack Challenge - Part 2 Part two of security researcher Roy Shoemake's SANS Holiday Hack Challenge, lets take a closer look at the primary technical challenges and overcome them.
INFOSEC SANS Holiday Hack Challenge – Part 1 The Untold Story of the Elves at the North Pole. Giant snowballs are causing destruction at the north pole, find out who the villain is and their motive.
CTF HackTheBox - Canape write-up Canape retires this week, it's one of my favorite boxes on HTB for it's lessons on enumeration and scripting as well as a cool way to privesc. So, let's find our way in!
CYBERSEC HackTheBox - Poison Write Up Poison retires this week at HTB and it has some very cool privesc, plus another way to get into the box which needs us to, ahem, *poison* things.
INFOSEC Hiding In Plain Sight With NTFS Steganography Steganography is the art of hiding data in plain sight, in this article Nihad Hassan takes a closer look at hiding data using the NTFS file system.
CYBERSEC Penetration Testing Scanning 101.2 Part two of the hugely popular Penetration Testing 101 series from security researcher Hozaifa Owaisi, who breaks down network tracing and the tools he uses to scan networks.
CYBERSEC The Secret History Of CRYPTO Learn about the secret history of the word CRYPTO and read about its roots in intelligence gathering and espionage with infosec writer Guise Bule.
INFOSEC Unboxing India's Data Protection Framework – Part One of Many In this article, infosec writer Ninad dissects the Indian Data Protection Framework and breaks it down for us so that we can better understand it.
