B3st Pass**rd Pr@ct!ces

Estimated difficulty: 💜🤍🤍🤍🤍

Passwords have been a form of securing your accounts for years. They are your key to unlock the door to your account, for want of a better metaphor. You are the only person that should know your password, as the creator and keeper of this information. My post will try to help …

STOP! In the Name of Web: Intercepting Traffic with BurpSuite (A Beginner’s Guide)

Estimated Difficulty: 💜💜💜🤍🤍

Another song-themed blog, this blog will mostly cover BurpSuite interception basics (including how to set up BurpSuite). We will be demonstrating BurpSuite using Kali Linux, using the Community Version (1.7.35). As always, constructive criticisms and feedback are always welcome!

Back to Basics

Before we dive into the realm of web hacking and …

Dank Docker Development

Estimated Difficulty: 💜💜💜🤍🤍

I’m sure you have all heard the whispers that Security folk dislike the Developer folk… However, the time has come for the Security-Developer to be born! I don’t know about you, but I am all for making my life easier and after a dissertation full of failures, I have a new love …

Thnks fr th Bnk Dtls: A Quick Guide to Fraud

Estimated difficulty: 💜🤍🤍🤍🤍

Hello, and welcome to another week of Security Queens! 🎉 This week I’ll try to give you a quick overview (not exhaustive) of a few common types of fraud, a bit of information about money laundering, and a little perspective about how it all ties into the bigger picture. Fraud is criminal …

They See Me Scannin’, They Hatin’: A Beginner’s Guide to Nmap

Estimated Difficulty: 💜💜💜🤍🤍

Recon, Recon, Recon

One of the most important phases of an attack is the reconnaissance phase. Often abbreviated to recon, this phase usually consists of a variety of processes and techniques to collect information about a target system. This phase may also be known as “Information Gathering” as the main goal is …

Cryptography Terms

Estimated difficulty: 💜🤍🤍🤍🤍

Hey! This is a quick, simplified overview of some related terms for anyone who isn’t familiar with cryptography. I’ll add to this as time goes on to try and make sure it includes the terms used in other posts. 🥳

Bad Crypto 101: Spotting Red Flags

Estimated difficulty: 💜💜🤍🤍🤍

This post is heavily inspired by Simson Garfinkel’s A Field Guide to Spotting Bad Cryptography (2005) – link below – and aims to give you a quick, lightweight overview of things to look out for when you’re trying to assess the security of cryptography in the wild, without dissecting an algorithm. If …

Google knows everything… – Part 1

Estimated difficulty: 💜🤍🤍🤍🤍

This post is in collaboration with the infamous OSINT (Open Source INTelligence) hacker @thecyberviking. “Google knows everything… – Part 1” is but one post in a series of OSINT-related topics created with the help of that spooky dude! This post on Google Dorking will focus on the use of queries to …

Bop to the Top: A Linux Priv Esc. Checklist

Estimated Difficulty: 💜💜💜💜🤍

Congratulations, you’ve got a foothold! Now what? Bop to the Top and get yourself some Root! The following blog will detail my own personal checklist that I run through when attempting to privilege escalate in a Linux environment. From my personal experience, it has a fairly good success rate – but I’ll also …

System…//…Lockdown

Estimated difficulty: 💜🤍🤍🤍🤍

Welcome to week four of government-mandated sourdough-baking and Netflix-binging, and my first post on Security Queens. 🎉

I’m asked quite often how I managed to get into the security industry, coming from a non-technical background, and for useful resources for people just starting out…