Estimated difficulty:Β ππ€π€π€π€ Recently I was studying for CRT. To help myself and others revise, I thought I would make this blog post on management protocols and some of their common weaknesses and vulnerabilities. This is a high-level overview of some of these protocols and how to exploit them. We Continue Reading
Understanding Unix File Permissions
Estimated difficulty:Β ππ€π€ If you are a newbie in security and want to start learning about Unix, then this is a great post for you. This will be a quick fire post on file permissions. What do they mean and some of the vulnerabilities you might spot out in the Continue Reading
Deauth Yourself: How to Build a Deauthenticator
Estimated difficulty: ππ€π€π€ π€ Welcome to the wonderful world of hardware. This blog post is a walkthrough of how to build a deauthenticator; a pocket-sized tool that you can create to kick a device off of a network (especially good to know for April fools, or if you just want Continue Reading
There Ain’t No Party Like an EC2 Party: Creating Your Website
Estimated difficulty: ππ π€ π€π€ So you have decided to host a website on your EC2 instance? Samesies! If you still aren’t sure where to start with hosting, then check out my previous post. When it comes to creating a website, there is a shopping list of things that you Continue Reading
There Ain’t No Party Like an EC2 Party: Securing Your AWS Instance
Estimated difficulty: ππ π€ π€π€ In this post, we are slightly diverging from the original MOBster series and taking a look at Amazon Web Services (AWS). This is the first of two posts that will walk you through hosting and building a simple website… Yes, the web dev bug has Continue Reading
MOBster4: Insecure Authentication
Estimated difficulty: πππππ€ We are continuing on our quest to conquer the OWASP Mobile Top 10, and if you have been following this series then congratulations, you have made it to M4: Insecure Authentication! This post is going to delve into the world of how mobile apps can use weak Continue Reading
It’s All About Communication, Insecure Communication!
Estimated difficulty: ππππ€π€ Welcome back to another MOBster post! It’s part three of our OWASP Mobile Top 10 series and in this post, we are covering M3: Insecure Communication! The previous MOBster post covered M2: Insecure Data Storage, and you can check that out here. Like M2: Insecure Data Storage, Continue Reading
Liability: Insecure Data Storage
Estimated difficulty: ππππ€π€ Oh no, it’s another one from the MOBster series coming to get you! Hide… Run… Read with intrigue! This post is covering, M2: Insecure Data Storage, the second listing from the OWASP Top 10 Mobile Risks list. The last post in the MOBster series covered M1: Improper Continue Reading
Santa Knows Everything… Part 2
Estimated difficulty: ππ€π€π€π€ This week is special, it’s the last post before Christmas and we might as well channel our inner Sophia and add in a little Christmas song to get us into the Christmas spirit. And since we are now feeling festive, let’s dive into Google Dorking, Christmas style! Continue Reading
Castle on a Cloud
Estimated difficulty: πππ€ It’s a wonder what is up in those clouds, clouds can mean many different things in this day and age. Clouds live in the sky, there is something called cloud computing and more importantly, (for this article) clouds can represent the internet – especially in a network Continue Reading