- Phishing, SQL, Brute Force DDOS
- Red teams, blue teams, purple teams
k
open source, enterprise, or an arsenal
As data breaches continue to dominate the headlines, suggestions for enhancing your cybersecurity stance are everywhere. While much of this advice may be worth following, it’s often complicated, entailing multi-step processes or requiring expert intervention. However, before you start exploring advanced options, it’s important to begin with the basics. When it comes to cybersecurity, the simplest advice is to always implement patches.
As cyber-attacks continue to be disturbingly common, penetration tests have become increasingly important. These valuable assessments, performed using either in-house personnel or third-party service vendors, exploit vulnerabilities to determine the security stance of an IT environment. In fact, according to the 2024 Penetration Testing Survey, 83% of respondents run pen tests at least 1-2 times a year.
In part 7, we solved ABO2 in GHIDRA. In this part, we’ll use IDA FREE to solve ABO3.
As is the case with all of the ABOS, the goal is to run the calculator or some other executable that we want.
Unfortunately, the reality of cybersecurity is that attackers will sometimes succeed in breaching an IT environment. Accepting this probability allows you to focus on learning how to detect a breach and manage such attacks.
Cybersecurity expert Julio Sanchez demonstrates approaches threat actors may take in an attempt to gain persistence after compromising Active Directory. Learn how each technique leaves different signs of compromise and how open-source tools can be used to spot them.
Core Impact and Cobalt Strike represent two distinct, yet complementary approaches to security assessment.
The new format of Microsoft monthly updates have proven challenging to reverse engineer. We’ve figured out a workaround that we hope will be helpful.
In the original format, the Microsoft updates have always included the full files to patch, and from there it’s relatively straightforward to work on reversing and diffing through only extracting, without installing the patch.
Penetration testing has become an increasingly standard exercise, with organizations using either pen testing services or in-house teams to uncover weaknesses and assess their security posture.