Skip to content
Register to apply for a free CISO2CISO Membership
CISO2CISO Notepad Series
SOC -CSIRT – Incidents & Attacks Notepad
Vendors & – MSSP Ecosystem
Cybersecurity Latest News
User Private Area
Register – Create Account Member
Top 10 Web Hacking Techniques 2023
The collection of articles presents a wide-ranging exploration of cybersecurity vulnerabilities, highlighting the ever- evolving strategies...
Memory analysis for fun and profit
Memory analysis is a crucial aspect of cybersecurity investigations, providing valuable insights into security incidents and...
Threat Intel Roundup: Gitlab, Juniper, MageCart, SystemBC
Weekly Overview (5 Dec-12 Dec) - 2024 Vulnerabilities and Threats: Juniper Networks: Released patches for critical...
Bitbucket Attack Vector
Data Pipeline Vulnerabilities: Bitbucket, as a linchpin in data pipelines, introduces potential vulnerabilities that adversaries may...
Purple Team Scenarios
Purple team scenarios are exercises conducted in the field of cybersecurity to assess and improve an...
The document provides an extensive list of compression methods, along with their descriptions and best use...
User Account Control / Uncontrol
User Account Control (UAC) is a security component in Windows operating systems that aims to limit...
Devsecops Security Model
The Evolving World of Software Development In the dynamic realm of software development, integrating security into...
In the sprawling metropolis of Neo-Tokyo, where neon lights cast long shadows and the digital realm...
The art of Linux persistence
The concept of persistence in Linux systems is an intricate tapestry woven from the threads of...
SMART CONTRACT SECURITY AUDIT
A smart contract is an automated transaction protocol that executes the terms of a contract. They...
The document offers a comprehensive insight into the cybersecurity company "Hadess" and its unwavering dedication to...
Android Shim Attack Surface
Android shims are small libraries that act as compatibility layers between different versions of the Android...
Mastering Impact with Sharpening Techniques (RTC0026)
Several tools with "Sharp" in their names have gained prominence. These tools are often used for...
Event Codes for Fun and Profit
Unauthorized Access Attempt:ID: 001MITRE Tactic & Techniques: Initial Access Phishing [T1566.001]Event ID & Code: 4625 FAILED_LOGONStatus...
EDR EVASION TECHNIQUES USING SYSCALLS
What are Windows Syscalls syscalls are Windows internals components that provide a way for Windows programmers...
DevSecOpsChecklist Part 1
Apache Hardening for DevSecOps Disable directory listing Enable server signature Disable server signature Change server header...
The Art Of Infection In Mac OS
In the modern digital ecosystem, the intricacies of malware infiltration within the macOS environment have evolved...
Shell code development
Understanding Shellcode At its core, shellcode is a payload used in the exploitation of a software...
SHARPENING TECHNIQUES WITH IMPACKET
In the fascinating world of cybersecurity, sharpening techniques play a crucial role in enhancing and refining...
Powershell Tips & Tricks for r/b/p teamers
In the dynamic realm of cybersecurity, where the battles between red, blue, and purple teams unfold,...
Position-independent code (PIC) is a technique used in programming to enable executable code to run at...
Event Codes for fun & profit
Exploring event codes becomes an exciting journey where fun and profit converge in the vast universe...
TOP C&C METHODS
In the world of cybersecurity, Command and Control (C&C) methods are crucial for executing malicious operations....
Apache Hardening for DevSecOps Disable directory listingOptions -Indexes Enable server signatureServerSignature On Disable server signatureServerSignature Off...
A modern iOS application that exposes your account token and runs arbitrary commands.
Exposed API Key in GET URL (/api/v1/users.info?userId): The identified security concern relates to an exposed API...
Registry Attack Vectors
The Windows Registry is a centralized configuration system that stores information necessary to configure the system...
A network-wide ad-blocking tool with the capability to execute arbitrary commands.
Path Traversal to RCE via teleporter.php and zip_file Parameter: The teleporter.php script in Pi-hole and zip_file...
100 Methods for Container Attacks (RTC0010)
This book focuses on providing a comprehensive analysis of 100 specific methods for carrying out container...
Jenkins Attack Vector
Jenkins, a cornerstone in the CI/CD landscape, is not only pivotal in automating development pipelines but...
Data Breach Today
Cryptohack Roundup: $26 Million FixedFloat Hack – Source: www.databreachtoday.com
Data Breach Today
Breach Roundup: More Fallout From the LockBit Takedown – Source: www.databreachtoday.com
The Hacker News
Apple Unveils PQ3 Protocol – Post-Quantum Encryption for iMessage – Source:thehackernews.com
Krebs On Security
New Leak Shows Business Side of China’s APT Menace – Source: krebsonsecurity.com
The Register Security
Cyberattack downs pharmacies across America – Source: go.theregister.com
The Hacker News
Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks – Source:thehackernews.com