Ok everyone, I hope you have enjoyed this series thus far. We have been moving right through some Cyber Threat Intelligence (CTI) concepts and we have covered a lot of ground thus far. Now I think it is important to talk about one of the main components of CTI – Tactics, Techniques, and Procedures (TTP) …
Knife
Hey, this is actually my 1st HTB box write-up as well as box. It is actually an easy marked box. After completing some easy boxes, I will move to those boxes which actually are relevant to writing pentesting reports. Actually, I was ready to make a pentesting report in this room, but this room is …
Real world: IR Story: No Turkey for you!!
Horror stories always begin with “it was a dark and stormy night,” with scary imagery meant to spark the imagination. Unfortunately for the client calling us on the day before Thanksgiving, this is not a tale written by Bram Stoker or the Brothers Grimm. It was November 27th, 2019, and we were all getting ready …
Choosing a Password Manager
The contenders: Bitwarden, Keeper Security, 1Password
References: Website: Bitwarden, Keeper Security, 1Password. PCMag review: Bitwarden, Keeper Security, 1Password
Bitwarden
Website: https://bitwarden.com/
Price: $3 per user/month
Compatibility: Windows, Mac, Linux, Android, iOS
Browser extension: Yes
Password Sharing: Yes
Open-Source: Yes
Import Passwords: Yes
Encryption: end-to-end AES-256 bit encryption, salted hashing, and PBKDF2 SHA-256.
Features: Built-in File …
Setting Up Proxy Chains In Kali Linux
DISCLAIMER: The content you are about to access is for educational purposes and research aims. I am not responsible for your actions when you are “proxied”. Okay, HAHA!! Let’s roll. What is a Proxy Chain? Proxy: Imagine you are being pursued. During that pursuit, you get really exhausted and want to take a break but you …
METASPLOIT For Beginners
Hello, Friend! Metasploit has been the holy grail of security tools for some years now. It can be used by almost anyone, whether you’re a script kiddie or an expert. That’s why I will be going through a walkthrough today to show you the full exploitation process on Metasploit. This walkthrough is heavily influenced by …
LINUX CLI TRAINING WHEELS
Welcome to my first article ever, on anything! This article is going to cover the basic raw commands to get you moving around the FHS (File Hierarchical System) that all Linux OS function under. From one beginner to another, learning the Linux file system can be ridiculously overwhelming and push …
Injection
Overview from OWASP reference. What are injection-based vulnerabilities? Almost any source of data can be an injection vector: environment variables, parameters, external and internal web services, and all types of users. Injection flaws occur when an attacker can send hostile data to an interpreter. Injection flaws are very prevalent, particularly in legacy code. Injection vulnerabilities …
OWASP Top 10 – 2020
What makes the OWASP Top 10 so important? Due to the importance of Application Security in reducing overall IT risk, the OWASP Top 10 has been adopted or referenced by a large number of government agencies, industry standards bodies, and prominent companies such as Microsoft, PCI Security Standards Council, Citibank, NIST, and others. These organizations …
Method for Detecting & Validating WordPress sites.
This guide is designed to give the most accurate methodology for detecting and vulnerability scanning WordPress sites en masse. I have broken this guide into its three main categories so you can easily reproduce it. Identification: This is the most crucial part of this methodology. Before I made this document, I noticed some discrepancies within …

