INFOSEC

Black Hats Drive The Infosec Space

We pretend that 'black hat' is a dirty term in the infosec space, but half of you would not earn half as much money as you do without them.

INFOSEC

Apply For Infosec Jobs Like You Mean It

Learn how to apply military strategy to your job hunt and apply for infosec jobs like you mean it, with security researcher Stuart Gentry.

TECHNICAL

HackTheBox - Stratosphere Write-up

Stratosphere retires this week at HTB. I really liked this box for its awesome privilege escalation (privesc) and the rabbit holes. So without further ado, this is your pilot Minato reporting, looks like there's some turbulence... Lets hit stratosphere!!!

TECHNICAL

Web Application Firewall (WAF) Evasion Techniques #3

Uninitialized Bash variable to bypass WAF regular expression based filters and pattern matching. Let's show it can be done on CloudFlare WAF and ModSecurity OWASP CRS3

CYBERSEC

So You Wanna Be A Hacker?

This is a very basic article written especially for those of you who want to get started in hacking. If you are an elite hacker, be a pal by sending me your suggestions so I can update my article.

TECHNICAL

HackTheBox - Celestial Writeup

Celestial retires this week, it was a pretty cool box with a good vulnerability to look into. So without any further blabbering, lets get to r00t!

CYBERSEC

Remember Fancy Bear?

Fancy Bear is a cyber-espionage group that has recently become a household name due to the highly publicized Democratic National Committee (DNC) hack in 2016.

CYBERSEC

HackTheBox- Rabbit Writeup

This week Rabbit retires on HTB, it’s one of my favorite boxes and after joining the Secjuice writing team, I decided to publish my first ever write-up.

INFOSEC

Cryptology : The Original Crypto

Cryptology is the art and science that deals with both cryptography and cryptanalysis, lets dive into its two main components.

CYBERSEC

Penetration Test Scanning 101

Lets take a look at the different types of attack involved in penetration test scanning and get a high level overview of how they work, with security researcher Hozaifa Owaisi.

TECHNICAL

Finding The Real Origin IPs Hiding Behind CloudFlare or Tor

Tor hidden services and reverse-proxy providers (e.g. CloudFlare) are useless if you are making simple mistakes. This is how you can reveal origin IPs when you make a mistake.

INFOSEC

GhostShell - My Hacktivist Ideology

I did a lot of things over the years, from publicly declaring cyberwar on political leaders, to hacking Wall Street and other high profile targets such as NASA, The Pentagon and FBI.

INFOSEC

The Electric Vehicle Charge Attack

Electric vehicles are all the rage. Little do we know we are becoming vulnerable to a cyber attack. This car salesman preys on his clients using the EV as his attack surface.

TECHNICAL

Reverse Engineering My Own Website

Security researcher Alessandro Innocenzi built his website using esoteric programming languages, a website that you have to first compile in order to get any information out of it.

INFOSEC

Managing For Inclusion and Diversity

We are the snake eating itself, cannibalistic and harmful. We fight over the inclusion, and value, of women or LGBT, proper human behavior and the credibility of certifications.

CYBERSEC

Vegas - Where Thugs Come Into Your Room And Search Your Stuff

Hotel thugs at DEFCON tried to burst into your room and photograph your things? You aren't alone, its happened to lots of DEFCON attendees.

OSINT

The Art Of The Sock

Sock puppets are where the OSINT rubber meets the HUMINT road, but you need to be good at using them to survive in the infosec jungle.

OSINT

An Introduction To Open Source Intelligence (OSINT) Gathering

An introduction to open source intelligence (OSINT) gathering, from renowned OSINT author Nihad Hassan.

The DEFCON Experience : Frat House Converted into DEFCON Simulator

A fraternity is helping to pay off their tuition by selling tickets to DEFCON Experience, the world’s first full-sensory conference simulation.

TECHNICAL

DNSBL: Not just for spam

Security practitioner Menin_TheMiddle is using DNS to stop botnet, spammers and anonymous traffic with Nginx, Lua and DNSBL. Find out how.

Blockchain Startup Completely Solves Security: All Future DEFCONs Cancelled

A blockchain startup is making waves at DEFCON this year for having completely solved the problem of information security

TSA Partners with Offensive Security for OSCP Exam Requirements

In order to make the OSCP exam a safe and friendly experience, Offensive Security has collaborated with the Travel Security Administration (TSA).

CYBERSEC

Got Your Exam Results? Rewards Await You If You Choose To Get Into Cybersecurity

Just got your exam results? Rewards await those who take the plunge into cybersecurity. Just ask security writer Matthew Olney who can get you an apprenticeship.

INFOSEC

Know Thyself - An InfoSec Commandment

"Know thyself" is commonly attributed to conversations about the gods, but in infosec it is particularly relevant to knowing your environment and what is within it.

CYBERSEC

Fornite & Android: A Real Battle Royale

A warning for those of you with children who like to play Fortnite and other games on your phone, from security writer Stephen Chapendama.