Security Featured Trojans in your source code Be aware of the dangers of hidden Unicode control characters and how they can make your source code appear differently than it is executed
Development Featured Why your company will be hacked This is a short list of common reasons why your company is going to be hacked. Learn from the past to improve the future!
Hacking SANS Holiday Hack Challenge 2020 write-up This is my write-up for the 2020 SANS Holiday Hack Challenge. It contains the solutions for all terminals, objectives and side quests.
Security Featured Buffer overflow attacks explained How does a typical buffer overflow exploit work in code, at run-time and in memory and what can be achieved by running it?
Hacking SANS Holiday Hack Challenge 2019 Write-up This article is my write-up for the 2019 SANS Holiday Hack Challenge. It contains the solutions for all terminals, puzzles and objectives
Hacking Two-Factor authentication: How to secure your accounts? How to secure your online accounts by setting up two-factor authentication (2FA) and why is it important to do so? Step-by-step guide for 2FA.
Security Featured How to survive an InfoSec job interview (cryptography) This article answers 14 typical questions about cryptography you may get during a job interview for a security position or any IT-related assignment for that matter.
Security Executing a man-in-the-middle attack How can you become a man-in-the-middle on a network to eavesdrop on user traffic and what can you do to protect yourself against such an attack?
Network The OSI Model Understanding the OSI model and the aspects of its 7 layers is important for any IT professional who is involved with networking and connectivity
Network TCP 3-way handshake and port scanning How does the TCP 3-way handshake work and how is it used to perform a port scan?
Security Hosting a Cookie Stealer in Google Forms This article describes a quick and easy way to have cookie stealing functionality for your XSS tests, by using Google Forms as a host.
Security How I got access to local AWS info via Jira This article will describe how I exploited an SSRF vulnerability in an Atlassian plugin and gained access to AWS instance metadata via a local endpoint, explaining the theory and techniques along the way
Hacking Featured Hacking Windows with Meterpreter Explore the post-exploitation world of a hacked Windows machine. Steal credentials, key logging, screen capture, new accounts, download files and more.
Security Metasploit, WannaCry and Windows update How to use Metasploit to execute the Eternalblue exploit (like WannaCry and Petya ransomware) and why you should install your latest Windows updates
Security 5 Phases of hacking An ethical hacker follows a similar process to that of a malicious hacker to gain and maintain access to a computer system. The process of a typical attack scenario can be broken down into five distinct phases, which are described in this article.
Security Setting up the WiFi Pineapple NANO What is a WiFi Pineapple, how does it work and what makes it such a powerful pentesting tool? This article covers that and how to set one up in Windows 10.
