I provide live instructor-led cyber defense training. The outline of the course is detailed below. Contact me for more information or to schedule a training. I. IntroductionA. Importance of online securityB. Overview of the training topics II. Understanding the BasicsA. Read more
nd threats within an application, system, or network. It involves systematically analyzing the architecture, components, and data flows to understand how attackers might exploit weaknesses. Threat Modeling in Penetration Testing 1. Scope Definition: 2. Gather Information: 3. Identify Assets and Read more
Eternal Blue, a powerful hacking tool developed by the National Security Agency (NSA), has made headlines over the past few years for its involvement in some of the most destructive cyber attacks in history. The leaking of this sophisticated cyber Read more
Kerberoasting is a popular attack technique used by cybercriminals to exploit the Kerberos protocol in Windows Active Directory environments. This blog post will discuss the inception of kerberosting, its impact on Active Directory environments, and the steps penetration testers take Read more
The curl command is a versatile and powerful tool that allows users to transfer data to and from a server using various network protocols such as HTTP, HTTPS, FTP, and more. It is widely used by developers, system administrators, and Read more
eb requests are the backbone of the internet. Whether you’re browsing a website or making an API call, every interaction with a web application involves sending and receiving web requests. In this post, we will explore the basics of how Read more
duals and organizations to exploit for financial gain or to steal sensitive data. As an individual, it’s important to take measures to protect yourself from these online threats. In this blog post, we will discuss some of the steps you Read more
DOM-based cross-site scripting (XSS) is a type of web vulnerability that allows an attacker to inject malicious code into a web page. The code is then executed by the browser, allowing the attacker to steal sensitive information, modify the content Read more
An IDS (intrusion detection system) and an IPS (intrusion prevention system) are both security technologies that are used to protect computer networks from attacks. The main difference between the two is the way they respond to potential security threats. An Read more
Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. Nmap.org This tool can be used to to obtain a network inventory, determine what ports are open on a host, what services are Read more