TECHNICAL

Malware Analysis Using Memory Forensics

Malware analysis can be very simple or very complex. The goal of this article is to introduce a process of using free tools that entry-level analysts can use to collect data.

TECHNICAL

An Introduction To Binary Exploitation

Interested in binary exploitation? Then welcome to a very detailed beginners guide and introduction to help you start your journey's in binary exploitation!

INFOSEC

From Passwords To Web Authentication

Passwords safe aren't here to stay. Yet they are still needed. Read where we are with web authentication and where we are going.

CYBERSEC

Passive Reconnaissance Using OSINT

This article explores the basics and core aspects of OSINT from a reconnaissance perspective, in which we map out the entire public facing infrastructure of a target.

CTF

Apache Struts2 CVE-2018-11776 POC

Learn about the Struts2 Remote Code Execution vulnerability CVE-2018-11776, how to exploit and how to create a Proof of Concept (POC) with docker.

CYBERSEC

Cryptocurrency Double Spending

An introduction to cryptocurrency and a closer look at double spending, one of the many attacks affecting the security of some cryptocurrencies.

CYBERSEC

Passwords & Human Psychology

The problem with humans is that we want to protect our data but are not willing to make any effort to protect it, a good example is the passwords we choose.

CYBERSEC

Mobile Infosec Challenge Walkthrough

Infosec Mobile CTF - The goal of this challenge is to extract encrypted data plus its secret from a database embedded inside the application.

CYBERSEC

Does it Equate?

Does it equate? - Lets take a closer look at the most advanced threat actor we have seen, the Equation Group.

CYBERSEC

How The Air Gap Got Its Groove Back

The idea of using an air gap for cybersecurity is an old idea, it harks back to the good old days when we weren’t paranoid about being hacked through the air.

CYBERSEC

Four Areas That I Evaluate During An Information Security Interview

Got an infosec interview coming up? In this article Ninad D talks us through the four areas that he evaluates during an interview conversation.

CYBERSEC

Sideloading (Re-Sign) An iOS App To Install On A Jailed Device

In this article Roy Shoemake walks us through the process and shows us how to install an IPA binary onto a jailed iOS device (aka sideloading).

INFOSEC

How To Market Yourself As An Information Security Professional

Ever wondered how best to market yourself as an infosec professional? In this article we will take some words of wisdom from Dr Seuss on how best to get ahead in the infosec world.

TECHNICAL

Blind Stored Cross-Site Scripting

In this article, we join security researcher Roy Shoemake to learn what blind Cross-Site Scripting (XSS) is and a couple of ways to test for it.

CYBERSEC

HackTheBox Walkthrough : Canape

Now that the HackTheBox.eu CANAPE challenge has been retired, security researcher @DRX_Sicher can publish his walkthrough.

INFOSEC

Are You Secretly Mining Crypto Currency?

You may never know if you are mining cryptocurrency or not these days, join security researcher Roy Shoemake as he explores the wonderful world of stealth cryptomining.

INFOSEC

Unboxing India's Data Protection Framework – Part Two of Many

Cybersecurity professional Ninad Dhavase takes a further deep dive into India's data protection framework, breaking it down into easily understood chunks.

CYBERSEC

HackTheBox - Olympus Write Up

The latest in a long line of HackTheBox writeups from security researcher Shaksham Jaiswal who is back with his write up of the Olympus CTF challenge.

INFOSEC

DEF CON Groups: What Works in 2018?

Thinking about starting your own DEF CON group? Join security researcher Lacey Kasten in an investigation into what works and what doesn't in 2018.

INFOSEC

The DOD Has Its Head in the Clouds

The Department of Defense spends roughly $38 billion dollars a year alone on information technology that supports two million users and 10,000 operational systems.

CYBERSEC

DDoS Boss

Learn about the power and strength of botnet driven DDoS attacks with DDoS boss Ryan Jackson, formerly leader of the New Worlds Hackers Group.

INFOSEC

SANS Holiday Hack Challenge - Part 2

Part two of security researcher Roy Shoemake's SANS Holiday Hack Challenge, lets take a closer look at the primary technical challenges and overcome them.

INFOSEC

SANS Holiday Hack Challenge – Part 1

The Untold Story of the Elves at the North Pole. Giant snowballs are causing destruction at the north pole, find out who the villain is and their motive.

CTF

HackTheBox - Canape write-up

Canape retires this week, it's one of my favorite boxes on HTB for it's lessons on enumeration and scripting as well as a cool way to privesc. So, let's find our way in!

CYBERSEC

HackTheBox - Poison Write Up

Poison retires this week at HTB and it has some very cool privesc, plus another way to get into the box which needs us to, ahem, *poison* things.