OWASP 10 – Broken Authentication

Authentication and session management are core components of modern web applications. Authentication lets users gain access to a web application by verifying their identity. The most common form of authentication is a username and password mechanism: the user enters these credentials and the server verifies them. If they are correct, the server would … Read more

OWASP 10 – OS Command Injection

Command Injection occurs when server-side code (such as PHP) in a web application makes a system call on the hosting machine. It is a web vulnerability that allows an attacker to abuse that system call to execute operating system commands on the server. Sometimes this won't end in something malicious, like a whoami or just … Read more
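The following is an added example (not code from the original post) of the pattern the excerpt describes: the user-supplied value is spliced into a shell command string, so shell metacharacters change what actually runs. It uses Python's subprocess and a harmless `echo` to stand in for the real system call (ping, nslookup, etc.) so it runs offline; the hostname-validation regex and the function names are this example's own assumptions.

```python
import re
import subprocess


def lookup_vulnerable(host: str) -> str:
    """Vulnerable pattern: string concatenation + shell=True.

    The shell parses the whole string, so a value such as
    'example.com; id' runs a second command on the server.
    """
    result = subprocess.run(
        "echo Resolving " + host,  # attacker-controlled text reaches /bin/sh
        shell=True, capture_output=True, text=True,
    )
    return result.stdout


# Allow-list for a DNS hostname (labels of 1-63 alphanumerics/hyphens,
# not starting or ending with a hyphen). Assumed here as the only input
# shape this endpoint should ever accept.
HOSTNAME_RE = re.compile(
    r"^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def lookup_hardened(host: str) -> str:
    """Hardened version of the same call.

    1. Reject anything that is not a plausible hostname (allow-list, not
       a blacklist of metacharacters).
    2. Pass the command as an argv list with shell=False, so the value is
       always one argument and is never parsed by a shell, even if the
       validation is ever loosened.
    """
    if not HOSTNAME_RE.match(host):
        raise ValueError(f"rejected host value: {host!r}")
    result = subprocess.run(
        ["echo", "Resolving", host],
        shell=False, capture_output=True, text=True,
    )
    return result.stdout


if __name__ == "__main__":
    payload = "example.com; echo INJECTED"  # constructed attack input
    print("vulnerable:", repr(lookup_vulnerable(payload)))
    print("hardened  :", repr(lookup_hardened("example.com")))
    try:
        lookup_hardened(payload)
    except ValueError as exc:
        print("hardened  :", exc)
```

Running it shows the vulnerable handler emitting a second line `INJECTED` produced by the injected command, while the hardened handler refuses the payload before any process is spawned. The argv-list form is the real fix; the regex is defence in depth.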

IDOR (Insecure Direct Object Reference)

What is an IDOR? IDOR stands for Insecure Direct Object Reference and is a type of access control vulnerability. This type of vulnerability can occur when a web server receives user-supplied input to retrieve objects (files, data, documents), too much trust has been placed on the input data, and it is not validated on the … Read more
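An added example (not code from the original post) of the access-control failure the excerpt describes: a handler that takes an object identifier from the request and trusts it, beside a fixed handler that scopes the lookup to the authenticated user. The invoice table, user ids and function names are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Invoice:
    invoice_id: int
    owner_id: int
    amount: float


# Constructed sample data standing in for a database table.
INVOICES = {
    1001: Invoice(1001, owner_id=7, amount=120.00),
    1002: Invoice(1002, owner_id=8, amount=9800.00),
}


class NotFound(Exception):
    pass


def get_invoice_vulnerable(invoice_id: int) -> Invoice:
    """IDOR: e.g. GET /invoice?id=1002.

    The id is a direct reference to a server-side object and the only
    check performed is that the row exists, so any logged-in user (or
    nobody) can read any invoice by changing the number.
    """
    try:
        return INVOICES[invoice_id]
    except KeyError:
        raise NotFound(invoice_id)


def get_invoice_fixed(session_user_id: int, invoice_id: int) -> Invoice:
    """Fixed handler.

    The owner comes from the server-side session, never from the request,
    and the lookup is scoped to that owner (the SQL equivalent is
    WHERE id = ? AND owner_id = ?). A missing row and someone else's row
    return the same error so ids cannot be enumerated by status code.
    """
    inv = INVOICES.get(invoice_id)
    if inv is None or inv.owner_id != session_user_id:
        raise NotFound(invoice_id)
    return inv


def enumerate_leaked(candidate_ids) -> list:
    """What an attacker does against the vulnerable handler: walk the id
    space and collect every invoice that comes back."""
    leaked = []
    for candidate in candidate_ids:
        try:
            leaked.append(get_invoice_vulnerable(candidate).invoice_id)
        except NotFound:
            pass
    return leaked


if __name__ == "__main__":
    print("leaked via IDOR:", enumerate_leaked(range(1000, 1010)))
    print("user 7, own invoice:", get_invoice_fixed(7, 1001))
    try:
        get_invoice_fixed(7, 1002)
    except NotFound:
        print("user 7, invoice 1002: not found (ownership check)")
```

The point of the fixed version is that the authorization decision is made against server-held state (the session) for every object access, not just on login; validating that the id "looks valid" would not help, because 1002 is a perfectly valid id that simply belongs to someone else.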

Cyber Security – Red Team

Rules of Engagement
Section Name: Section Details
Executive Summary: Overarching summary of all contents and authorization within the RoE document
Purpose: Defines why the RoE document is used
References: Any references used throughout the RoE document (HIPAA, ISO, etc.)
Scope: Statement of the agreement to restrictions and guidelines
Definitions: Definitions of technical terms used throughout the RoE document
Rules of Engagement and Support Agreement: Defines … Read more

Digital Forensics and Investigations

Most commonly used passwords: https://www.ncsc.gov.uk/blog-post/passwords-passwords-everywhere
Chain of Custody form: https://www.nist.gov/document/sample-chain-custody-formdocx
pdfinfo – you can install it using sudo apt install poppler-utils
There are many online and offline tools to read the EXIF data from images. One command-line tool is exiftool. ExifTool is used to read and write metadata in various file types, such as JPEG images. (The AttackBox … Read more

Cyber Kill Chain

According to Lockheed Martin, the Cyber Kill Chain has seven steps: Recon: Recon, short for reconnaissance, refers to the step where the attacker tries to learn as much as possible about the target. Information such as the types of servers, operating systems, IP addresses, names of users, and email addresses can help the attack succeed. Weaponization: … Read more

OWASP Top 10

A01:2021-Broken Access Control moves up from the fifth position to the category with the most serious web application security risk; the contributed data indicates that on average, 3.81% of applications tested had one or more Common Weakness Enumerations (CWEs) with more than 318k occurrences of CWEs in this risk category. The 34 CWEs mapped to Broken … Read more