CYBERSEC Defending Against SQL Injection Attacks In this article cybersecurity student Ozan Agdepe gives us some pro tips for defending against SQL injection.
CYBERSEC The 2018 SANS Holiday Hack Challenge A wonderfully comprehensive write-up of the SANS 2018 Holiday Hack Challenge from security researcher Roy Shoemake.
TECHNICAL Penetration Testing Scanning 101.3 In part three of his series on penetration testing security researcher Hozaifa Owaisi covers port scanning and the tools used to get the job done.
CTF Vulnhub: Raven 2 Write Up In his latest write-up, security researcher Thunder Son covers Vulnhub's Raven 2 and deep dives into the challenge.
CYBERSEC How To Deal With A Hacker Finding Holes In Your Security Has a security researcher contacted you to tell you about a security vulnerability? Don't panic! Follow this common-sense guide to dealing with hackers who find holes in your security.
TECHNICAL The LazySysAdmin Write-Up LazySysAdmin truly lives up to its name. This machine was configured by a lazy system administrator and thus, one clear thing to be looking for is a misconfigured system.
TECHNICAL Feed Your SIEM With Free Threat Intelligence Feeds Draw down free threat intelligence data to feed your security information and event management (SIEM) platform with these handy PowerShell scripts.
CTF Moria 1.1 - Write-up Moria 1.1 Writeup - Moria is said to be an intermediate machine and it stays true to that; if you don't have a certain process to follow or refer to, you won't get the entry point.
TECHNICAL Simple Defenses vs Advanced Malware Defending your systems from advanced malware does not have to be difficult and costly. Learn how to improve your domain security with simple changes to tools you already own.
CYBERSEC Case Study: Wreaking Havoc via an API A deep dive case study from infosec writer Miguel Calles highlights the importance of addressing the highest OWASP security risk, injection.
CYBERSEC The Problem With Smart TV's Do you get angry at the thought of your television being smart instead of dumb? So does Guise Bule, who explains the problems with smart TVs.
CYBERSEC Hundred Billion Dollar Infosec Question A Thought Experiment - If someone gave you a hundred billion dollars to spend on improving information security how would you spend it?
CYBERSEC How To Tell If Hackers Are Watching Hackers can gain control of your mobile device in a number of ways, and sometimes there are telltale signs. Here are seven so you can catch them out.
CYBERSEC Social Engineering - Breaking the Brain Join security researcher Dan Dixon in an exploration of the brain's inherent vulnerabilities in the context of social engineering your way to a target.
TECHNICAL Featured How To Exploit PHP Remotely To Bypass Filters & WAF Rules Learn about the possibilities that PHP gives us to exploit and execute code remotely in order to bypass filters, input sanitization, and WAF rules.
CYBERSEC FedBounty - A Federally Sponsored National Bug Bounty Program A federally sponsored, national bug bounty program covering every business in the US and nurturing a new generation of security researchers.
CYBERSEC The Road To Reverse Engineering Malware Security researcher Pablo Ramos has prepared a structured guide to malware reverse engineering resources for those interested in getting started.
INFOSEC Implications Of Iran’s Cyber Capabilities In this article security analyst Christopher Olsen takes a closer look at the implications of Iran's burgeoning cyber capabilities for the US & her allies.
INFOSEC Defining a Security Strategy - WHY The first step to defining a security strategy is starting with WHY. In this article Francesco Cipollone explains how you start with WHY.
CYBERSEC Weaponizing CoAP For DDoS Attacks In his latest article, security researcher Francesco Cipollone covers a little history of DoS and DDoS attacks and explains how the IoT CoAP protocol can be weaponized for DDoS attacks.
CYBERSEC Featured JetBlue Vulnerability - How Not To CISO In this article security researchers Dylan English and Benjamin Scotsman reveal a vulnerability at a major US airline and castigate the airline's CISO.
INFOSEC How To Access and/or Memorialize Online Accounts When Someone Dies What you need to know about online account access for someone who has died.
TECHNICAL How To Upload Any File To Amazon's Free Unlimited Photo Storage Space Have you ever wondered how to use Amazon Photos unlimited space for your own personal files? Wonder no longer, Alessandro Innocenzi has it all figured out and Amazon says it's fine.
TECHNICAL Metasploit Community CTF 2018 "Remembering Aaron Swartz" came second at this year's Metasploit CTF. Most of us played for the first time and it was a unique experience.
TECHNICAL Access Control - Cloud vs Traditional (Part 2) The second in a series of articles from Security Chief Francesco Cipollone of NSC42 that deep dives into the subject of access control, authentication and compliance.