An introduction to cloud penetration testing on AWS, tailored for those familiar with traditional web and network penetration testing. It highlights critical areas and potential pitfalls in AWS security, using practical attack scenarios to illustrate key concepts. The discussion covers common vulnerabilities like leaky S3 buckets and misconfigured resource-based policies, emphasizing the importance of securing Read More …
Category: Computers
What are LISP worlds?
Lisp (programming language) is a family of programming languages that originated in the 1950s, known for its unique syntax and strong support for symbolic computation and artificial intelligence, with dialects like Common Lisp and Scheme still used today. [1, 2, 3] Here’s a more detailed look at Lisp: Key Features and Concepts: [1, 4] Symbolic Computation: Lisp excels at manipulating symbols Read More …
MTU – Maximum Transmission Unit
Maximum Transmission Unit (MTU) is a fundamental concept in networking that refers to the largest size of a packet or frame that can be sent over a network. This size is specified in octets, which are eight-bit bytes. Understanding MTU is crucial for new networking students, as it plays a significant role in the efficiency Read More …
Conference Video – How I Learned To Stop Worrying and Love the Blue Team
These are the videos from BSides Augusta 2016
Understanding Cisco Platform Exchange Grid
Cisco Platform Exchange Grid (pxGrid) is an innovative framework designed to enhance collaboration among security products by enabling them to share data seamlessly. Built on a Publish-Subscribe model, pxGrid allows data providers to publish information to specific topics, while consumers can subscribe to those topics to receive relevant updates. This architecture fosters a more integrated Read More …
Hacker TV – How I Would Learn Cyber Security If I Could Start Over
How I Would Learn Cyber Security If I Could Start Over Want to learn all about cyber-security and become an ethical hacker? His thoughts on the basics and fundamentals is so right on. Networking, User or Desktop support, Server maintenance, whatever. I firmly believe that the best security people started in IT originally. Experience on Read More …
LazyOwn: CRIMEN
For offensive security experts, LazyOwn: CRIMEN is an advanced, Python-based framework meticulously designed to streamline and automate complex penetration testing and vulnerability analysis tasks, particularly for red team operations. Far more than a simple collection of scripts, LazyOwn aims to be a comprehensive toolkit, integrating a vast array of functionalities to mimic sophisticated cyber adversaries. Read More …
Security is underwater
Also , there are no life preservers. In a recent reflection on conversations I’ve had, I’ve noticed a recurring theme that highlights the disconnect between non-IT professionals and security experts regarding data handling and application deployment. Non-IT individuals often enthusiastically present their newly developed applications that utilize specific data and share it with various users, Read More …
TTL – Time to Live
Time to Live (TTL), often referred to as hop limit, is a crucial mechanism used in computer networking to manage the lifespan of data packets as they traverse through a network. The primary purpose of TTL is to prevent data packets from circulating indefinitely, which can occur due to routing errors or network loops. By Read More …
Conference Video – Automating Malware Analysis for Threat Intelligence
These are the videos from B Sides Augusta 2016: