TECHNICAL

The JWT and Base64 Secrets You Need To Know

Welcome to my guide to the JWT and Base 64 secrets you absolutely need to know if you hack.

OSINT

OSINT: Query Your Target System Like A Database

You've run queries on data collection for a long time, but what if your system can also be queried in this way?

INFOSEC

Mastodon: A Social Media Platform Dominated By Pedophiles & Child Porn

Following a Secjuice investigation, it has become clear that Mastodon is a social media platform dominated by pedophiles and most of its content is child porn.

INFOSEC

Is Infosec Really Leaving Twitter For Mastodon?

Is the infosec space really leaving Twitter? We sent our top investigative reporter onto the website known as Twitter to find out!

TECHNICAL

Defender Bypass With .PIF Extensions

Learn a new method for bypassing Windows Defender security mechanisms using PIF extensions.

TECHNICAL

Windows Post Exploitation & Clipboard Manipulation

A lab exercise in Windows post exploitation techniques, covering manipulation of the clipboard.

TECHNICAL

HTB OpenSource Walkthrough

Andy From Italy is back with another epic HackTheBox walkthrough, this time he takes on the OpenSource box.

OSINT

How OSINT Is Used In SIM Swap Scams

Learn how scammers leverage OSINT when running SIM swap scams, and some of their common techniques.

INFOSEC

An Intro To DevSecOps

An introduction to DevSecOps from a fallen comrade who wishes to remain anonymous.

INFOSEC

How to Break into Infosec With Zero Expertise

Want to break into cybersecurity but lack the relevant experience? Learn how in seven easy steps.

INFOSEC

Child Porn Allegations At Patreon After Security Team Fired

Shortly after Patreon dismissed their whole cybersecurity team, allegations of illegal activity and child porn emerge.

TECHNICAL

Windows Post Exploitation - Create Files and Log Keystrokes

Learn how to create files on the target machine using meterpreter, change the file timestamps, and log key strokes on the target system.

TECHNICAL

HTB RouterSpace Walkthrough

Andy from Italy is back with another HackTheBox technical writeup, this time he takes on the Routerspace.

OSINT

A Closer Look At Russian Military Railway Infrastructure

Russia has one of the biggest railway systems in the world which is hugely important to the Russian Military.

OSINT

The Value Of The Intelligence Cycle To Information Security Researchers

Learn about the intelligence cycle through practical examples, and how it can be applied to OSINT investigations

TECHNICAL

Windows Post Exploitation - Enabling WinRM

Learn how to access a vulnerable application, even if the initial application vulnerability is patched.

TECHNICAL

HTB Undetected Walkthrough

A technical walkthrough of the HackTheBox undetected challenge, by Andy From Italy.

CYBERSEC

Power Grid Vulnerabilities

Smart grid technology presents an opportunity for threat actors seeking to disrupt the power grid.

TECHNICAL

HTB Pandora Walkthrough

A technical walkthrough of the HackTheBox Pandora challenge, by HTB Legend Andy From Italy.

TECHNICAL

CVE-2022-24112 Exploiting HTTP Request Smuggling

Header smuggling is the art of running commands on the target server by playing around with HTTP headers.

INFOSEC

A Criminal Vulnerability Disclosure

The story of German hacker Lilith Wittmann who ran into trouble with the law after finding a security vulnerability.

INFOSEC

Application Security 101

A short guide to application security aimed at newcomers to the subject.

CYBERSEC

Meet the Ransomware Gang Behind The Biggest Supply Chain Hacks

A gang nicknamed Cl0p, FIN11, and TA505 has been hacking and extorting hundreds of companies for years.

TECHNICAL

HTB Paper Walkthrough

A technical walkthrough of the HackTheBox Paper challenge, by Andy From Italy.

CYBERSEC

Why You Should Invest In Cybersecurity Startups

A cybersecurity startup founder explains why you should invest in cybersecurity startups.