Light ’em Up: An Introduction to LiDAR

Estimated difficulty:  💜💜🤍🤍🤍 It’s been a while since I’ve written about zoom hax, if you’re new to Security Queens – you can find my last blog post on hacking cars via. the Control Area Network (CAN) here. Instead of focusing on physical CAN bus hacking, this blog post will do a quick rundown of LiDAR …

Tickets Please: Kerberoasting 101

Estimated difficulty: 💜💜💜💜🤍 So as my own personal learning journey into the land of mad hax, I thought I would document something Windows-y for a change (something completely out of my comfort zone…). This is the blog no-one necessarily asked for, but I feel would be hugely beneficial to those new to professional pentesting – …

Drop it Like it’s Hot: SQLi 101

Estimated difficulty: 💜💜💜🤍🤍 Continuing our journey into the land of web hax, this week (as requested by the world of Twitter) we are covering SQL injection basics. What is SQL? SQL stands for Structured Query Language and is commonly used by various applications to interact with a database, usually submitting queries to retrieve specific information. …

Who Ya Gonna Call? DirBuster!

Estimated difficulty: 💜💜🤍🤍🤍 Need to bruteforce directory names on a web application? Or perhaps you need to find unlisted files on a web server? Who ya gonna call? DIRBUSTER! So first thing’s first, the boring pentesty theory bit before we do all the mad hax and walkthrough the basics of Dirbuster. Remember this neat little …

Stressed Out, Burned Out, and a I Feel Like a Fake

I’ve always been a perfectionist. I’ve always striven to be the best version of me that I could be! When I started in university and my journey into cybersecurity, I pushed myself to stand out, be “perfect” and to do it with no mistakes. An impossible task, I realise now, but I kept pushing myself …

Risky Business: A Down-Low on Risk Management Basics

Estimated difficulty: 💜🤍🤍🤍🤍 First thing’s first! Let’s talk definitions. So, what actually is risk management? To put it simply, it is the management of the risk within an organisation (doh!). The risk management process involves identifying security risks and creating and implementing plans to mitigate them. Defining Risk Risk is defined as a potential event …

Web(uilt) This City on Rock and Roll: An Intro to Web Hacking

Estimated difficulty: 💚💚💚 Hey Securiteenies! And welcome to another blog written just for you. Following on from Sarah’s “Castle on a Cloud” post about the basics of the internet – are you ready to learn a little bit about web hacking? First of all let’s recap… The Internet vs. the World Wide Web As Sarah …

I Spy With My Little Eye: A Guide to Social Media OpSec

Estimated difficulty: 💜🤍🤍🤍🤍 Happy Friday and happy (continued) cybersecurity awareness month! For those of you that don’t know, October is renowned for being cybersecurity awareness month – a month dedicated by security professionals to raise awareness in cybersecurity, specifically to the everyday user of technology that may not be security-savvy. Following on from Morgan’s last …

Hax and Furious: An Introduction to CAN Bus Hacking with ICSim

Estimated difficulty: 💜💜💜💜🤍 Recently I have been approached by many folks on how to get started with automotive hacking. After completing my dissertation in automotive hacking (and achieving a whopping 90% – yippee!) I decided to write this blog post as an introduction into the one of the many ways you can hack a car …

Locked Out: What is Ransomware?

Estimated difficulty: 💜🤍🤍🤍🤍 Ransomware can be a costly attack to organisations of all sizes. Recently Garmin fell victim to a ransomware attack, with reported ransoms of up to US$10 million in exchange to reinstate company files. According to a The State of Ransomware 2020 by Sophos, the global average cost to remediate a ransomware attack …