Red Team, Black Day: Why Experienced Pentesters Fail in Red Team
This article is a translation of the original article from habr.com by user secm3n, and it is a real example…
Burp Suite: Delving into Security Auditing
Introduction: The scanning phase in Burp Suite is a critical step in the process of assessing the security of web…
Introduction to OSINT
What is OSINT? OSINT (Open Source Intelligence) is the process of collecting information from publicly available sources and subsequently analyzing…
CISA | Known Exploited Vulnerabilities
What is CISA? CISA | Known Exploited Vulnerabilities (KEV) Catalog is a list of Common Vulnerabilities and Exposures (CVEs) that are…
The ELK Stack: Free open-source SIEM solution
What is ELK? The ELK stack is an open-source software collection that provides a powerful and versatile toolset for log…
Main Types of Authorization
What is Authorization? Authorization is the process of determining what resources a user or process can access. It is an…
Shodan.io: The Search Engine for the Internet of Things
What is Shodan.io? Shodan.io is a search engine for internet-connected devices. It is also known as the “search engine for…
Fuzzing | Introduction to Software Testing
What is Fuzzing? Fuzzing, or fuzz testing, is a software testing technique that provides invalid, unexpected, or random data as…
Exploiting XSS in hidden input fields and meta tags
In this post we are going to show how you can (ab)use the new HTML popup functionality in Chrome to…
Kaspersky Lab discovered a backdoor
Experts from the company have reported that a malicious campaign using Free Download Manager lasted for over three years. During…