Need to bruteforce directory names on a web application? Or perhaps you need to find unlisted files on a web server? Who ya gonna call? DIRBUSTER! So first thing’s first, the boring pentesty theory bit before we do all the mad hax and walkthrough the basics of Dirbuster. Remember this Continue Reading
It’s All About Communication, Insecure Communication!
Estimated difficulty: 💜💜💜🤍🤍 Welcome back to another MOBster post! It’s part three of our OWASP Mobile Top 10 series and in this post, we are covering M3: Insecure Communication! The previous MOBster post covered M2: Insecure Data Storage, and you can check that out here. Like M2: Insecure Data Storage, Continue Reading
Stressed Out, Burned Out, and a I Feel Like a Fake
I’ve always been a perfectionist. I’ve always striven to be the best version of me that I could be! When I started in university and my journey into cybersecurity, I pushed myself to stand out, be “perfect” and to do it with no mistakes. An impossible task, I realise now, Continue Reading
Liability: Insecure Data Storage
Estimated difficulty: 💜💜💜🤍🤍 Oh no, it’s another one from the MOBster series coming to get you! Hide… Run… Read with intrigue! This post is covering, M2: Insecure Data Storage, the second listing from the OWASP Top 10 Mobile Risks list. The last post in the MOBster series covered M1: Improper Continue Reading
Risky Business: A Down-Low on Risk Management Basics
Estimated difficulty: 💜🤍🤍🤍🤍 First thing’s first! Let’s talk definitions. So, what actually is risk management? To put it simply, it is the management of the risk within an organisation (doh!). The risk management process involves identifying security risks and creating and implementing plans to mitigate them. Defining Risk Risk is Continue Reading
Santa Knows Everything… Part 2
Estimated difficulty: 💜🤍🤍🤍🤍 This week is special, it’s the last post before Christmas and we might as well channel our inner Sophia and add in a little Christmas song to get us into the Christmas spirit. And since we are now feeling festive, let’s dive into Google Dorking, Christmas style! Continue Reading
Web(uilt) This City on Rock and Roll: An Intro to Web Hacking
Estimated difficulty: 💚💚💚 Hey Securiteenies! And welcome to another blog written just for you. Following on from Sarah’s “Castle on a Cloud” post about the basics of the internet – are you ready to learn a little bit about web hacking? First of all let’s recap… The Internet vs. the Continue Reading
Scream Aim Fire: Chaos Engineering Theory
Estimated difficulty: 💜💜💜💜🤍
Happy Friday, everyone! This week, I’m introducing something I’ve been interested in for a while – chaos engineering. If you haven’t heard of chaos engineering before, don’t worry – a lot of people haven’t, and it’s still quite new as a discipline.
Castle on a Cloud
Estimated difficulty: 💚💚🤍 It’s a wonder what is up in those clouds, clouds can mean many different things in this day and age. Clouds live in the sky, there is something called cloud computing and more importantly, (for this article) clouds can represent the internet – especially in a network Continue Reading
I Spy With My Little Eye: A Guide to Social Media OpSec
Estimated difficulty: 💜🤍🤍🤍🤍 Happy Friday and happy (continued) cybersecurity awareness month! For those of you that don’t know, October is renowned for being cybersecurity awareness month – a month dedicated by security professionals to raise awareness in cybersecurity, specifically to the everyday user of technology that may not be security-savvy. Continue Reading