Articles

A discursive source of knowledge on Information Security including topics on Pentesting,
Bug Bounty, Red Teaming, Threat Hunting, Hacking Stories, and more.

Analyzing Microsoft’s NBNS and BOOTP Protocols with Wireshark for Red Teaming

Analyzing Microsoft’s NBNS and BOOTP Protocols with Wireshark for Red Teaming

In this article, we’ll dive into the functionalities of Wireshark, a powerful network protocol analyzer for network packet sniffing. We’ll focus on two key services: Microsoft’s NBNS (NetBIOS Name Service) and BOOTP (Bootstrap Protocol). We’ll show you how you can use them when you perform your Red Team engagements, particularly for Internal Pentesting or Local Network enumeration techniques, taking advantage of such vulnerable components by design that can be forgotten.

read more
Can an Amazon Fire Stick be Hacked?

Can an Amazon Fire Stick be Hacked?

With its vast entertainment library, the Fire Stick has become a household favorite. But just like any connected device, it faces potential security risks. This article explores these vulnerabilities and outlines essential steps. It will help you safeguard your Fire Stick and secure your streaming experience.

read more
Major Cyber Attacks that shaped 2023

Major Cyber Attacks that shaped 2023

In this article, we’ll dive into the major cyberattacks that shaped 2023, exploring a domain marked by a surge in both the frequency and sophistication of cyber threats. The year witnessed an escalation in the exploitation of vulnerabilities, with ransomware, phishing, and supply chain attacks emerging as predominant vectors. Notable incidents include breaches at T-Mobile, a supply chain compromise affecting 3CX software, and a zero-day vulnerability exploited in MOVEit Transfer.

read more
Social Media Safety: Navigating Privacy Risks and Cyber Threats in the Digital Age

Social Media Safety: Navigating Privacy Risks and Cyber Threats in the Digital Age

The world is very connected these days, and social media sites have become the spot where people talk about their lives, stories, and thoughts. But as we move through these huge digital worlds, there are always privacy risks and hacking threats. If you’re not careful, the trip can be dangerous. How can we keep our personal information safe while still enjoying the lively life of these online communities?

read more
Deep Dive to Fuzzing for Maximum Impact

Deep Dive to Fuzzing for Maximum Impact

In this article, we’ll explore the practice of fuzzing, a potent software testing technique. We’ll discuss about tools for fuzzing how it can be applied to both web applications and software applications, breaking down its use in each scenario. We’ll explain also the role of wordlists and generation tools in tailoring inputs.

read more
Human Intelligence is the best defense against Phishing Attacks

Human Intelligence is the best defense against Phishing Attacks

In this article, we are focusing on the persistent challenge of phishing attacks. The threat of phishing attacks looms large in our digital era, and it continues to evolve with increasingly sophisticated tactics. While technology has made significant advancements in strengthening defensive systems, human intelligence remains the most crucial defense. The human element, with its capacity for critical thinking, is essential in identifying and thwarting these attacks.

read more
Jeff Foley – OWASP Amass Founder

Jeff Foley – OWASP Amass Founder

In this article, we explore the remarkable journey of Jeff Foley, aka Caffix, with over two decades of experience spanning research, offensive security, and a focus on attack surface management. His commitment led to the inception of the Amass project, an automation-driven initiative within the OWASP community, revolutionizing the way we approach asset discovery and enhancing our understanding of online security.

read more
Necurs: Uncovering the Sophisticated Botnet

Necurs: Uncovering the Sophisticated Botnet

In this article, we will dig into the world of Necurs botnet that has plagued the cybersecurity landscape for years. Necurs is a highly sophisticated botnet known for its ability to distribute various types of malware, including ransomware and banking trojans, causing substantial financial damage worldwide

read more