TECHNICAL

AP Faker: Arduino project

The purpose of this educational project is to create a fake Access Point that can blend in alongside a public Access Point.

TECHNICAL

HTB Trick Walkthrough

A technical walk through of the HackTheBox TRICK challenge by Andy from Italy.

CYBERSEC

Cryptocurrency & Blockchain Technology Regulations

The asset class has yet to be declared by the regulators and this is where the currency vs security debate begins.

INFOSEC

Rise of the Nigerian Cybercrime Princes

The complexity of these scams is dependent on the duration of operation, the targets, the potential proceeds, and the versatility of the format.

TECHNICAL

Getting started with the MITRE ATT&CK Framework

MITRE ATT&CK is a knowledge base of adversary tactics and techniques based on real-world observations.

OSINT

TikTok Targeted OSINT Investigations (P1 - User)

You get a new case to investigate and it's a young social media user with no Facebook, no Twitter, just TikTok.

OSINT

Mastodon OSINT: A Comprehensive Introduction

Part one in our series on Mastodon, focused on gathering OSINT from the platform's users, instances and network.

OSINT

OSINT: The Mastodon Paedophile Problem

Mastodon has a major paedophile problem, join computer scientist Edward Charles for a closer look at the pedophilic side of the fediverse.

TECHNICAL

HTB Shibboleth Walkthrough

A technical walkthrough of the HackTheBox SHIBBOLETH challenge from the King of HTB Andy From Italy.

TECHNICAL

Windows Post Exploitation - WDigest Credentials Cache

Learn how to enable WDigest credential caching and Metasploit to retrieve the plain text password of logged-in users.

INFOSEC

What You Overlook In Malware Analysis

When infosec people hear "malware analysis" most jump directly to binary analysis and reverse engineering.

INFOSEC

Unhackable Things: Notes On Formal Verification

Formal verification is all about writing mathematical proofs, which show the correctness (or incorrectness) of a thing.

INFOSEC

A Quick Look At YARA

YARA is a tool aimed at helping malware researchers to identify and classify malware samples.

INFOSEC

CORS – Cross-Origin Resource Sharing – What, how, and why?

Have you ever wondered how API resources can browse safely from domain origins other than the server?

Windows Post Exploitation - Enabling RDP

Learn how to use Windows's vulnerable file-sharing service to enable RDP post-exploitation.

TECHNICAL

HTB Late Walkthrough

A technical walkthrough of the HackTheBox LATE challenge from the King of HTB Andy From Italy.

HTB Meta Walkthrough

A technical walkthrough of the HackTheBox META challenge from the King of HTB Andy From Italy.

HTB Secret Walkthrough

A technical walkthrough of the HackTheBox SECRET challenge from the King of HTB Andy From Italy.

INFOSEC

Supply Chain Attacks

Organizations need to understand the dependencies they're injecting into their networks and applications.

TECHNICAL

The JWT and Base64 Secrets You Need To Know

Welcome to my guide to the JWT and Base 64 secrets you absolutely need to know if you hack.

OSINT

OSINT: Query Your Target System Like A Database

You've run queries on data collection for a long time, but what if your system can also be queried in this way?

INFOSEC

Mastodon: A Social Media Platform Dominated By Pedophiles & Child Porn

Following a Secjuice investigation, it has become clear that Mastodon is a social media platform dominated by pedophiles and most of its content is child porn.

INFOSEC

Is Infosec Really Leaving Twitter For Mastodon?

Is the infosec space really leaving Twitter? We sent our top investigative reporter onto the website known as Twitter to find out!

TECHNICAL

Defender Bypass With .PIF Extensions

Learn a new method for bypassing Windows Defender security mechanisms using PIF extensions.

TECHNICAL

Windows Post Exploitation & Clipboard Manipulation

A lab exercise in Windows post exploitation techniques, covering manipulation of the clipboard.