Posted in Computing Security Web Application

What is Deserialization?

OWASP Description: Data which is untrusted cannot be trusted to be well formed. Malformed data or unexpected data could be used to abuse application logic,…

Continue Reading?
Posted in Computing Security INFOSEC Web Application

Portswigger’s Web Academy Review

I have had the pleasure of testing out Portswigger’s web academy here lately. I just want to say that so far I have enjoyed it….

Continue Reading?
Posted in Computing Security

Should companies make the most of blackhats and reformed hackers?

Organizations are often hesitant to access the talent pool of ex-black hats and reformed hackers. In the age of the cyber skills gap, are they…

Continue Reading?
Posted in Computing Security Penetration Testing Windows

SMB Shares

Reference: //Good video talking about talking about taking advantage of SMB shares http://obscuresecurity.blogspot.com/2012/05/gpp-password-retrieval-with-powershell.html http://esec-pentest.sogeti.com/exploiting-windows-2008-group-policy-preferences   // The video below is a good demonstration of putting…

Continue Reading?
Posted in Computing Security

OWASP Top 10

https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf     Injection Broken Authentication Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Security Misconfiguration Cross-Site Scripting (XSS) Insecure Deserialization Using…

Continue Reading?
Posted in Computing Security Packet Sniffing

Snort Lab 11-21-18

In this exercise, you will learn the basics of Snort. Go to Start > Run > Enter cmd. Right-click on the cmd icon and select…

Continue Reading?
Posted in Computing Security

Windows NTFS File System

In order to improve performance, reliability, and support large disk volumes, Microsoft developed NTFS file system for Windows NT in the early ’90s. NTFS is…

Continue Reading?
Posted in Computing Security

Encase for FAT Demo

EnCase Forensic is a fantastic tool for forensic analysis. In this demo, I only want to show you how do we use EnCase to visually…

Continue Reading?
Posted in Computing Security

Windows FAT File Systems

After acquiring and preserving the pertinent evidence, we move onto analyzing Windows images. As mentioned earlier, forensic analysis tools usually bypass operating systems normal operations…

Continue Reading?
Posted in Computing Security

Security Analytics Toolbox and an Example

Before you jump right into data-driven security analytics, it is important to ensure you at least have a basic familiarity with the two most prominent…

Continue Reading?