Most Recent
-
CTI: NOTES
Cyber Threat Intelligence (CTI) can be defined as evidence-based knowledge about adversaries, including their indicators, tactics, motivations, and actionable advice against them. These can be utilised to protect critical assets and inform cyber security teams and management business decisions. It would be typical to use…
-
UKC: NOTES
Threat modelling, in a cybersecurity context, is a series of steps to ultimately improve the security of a system. Threat modelling is about identifying risk and essentially boils down to: Threat modelling is an important procedure in reducing the risk within a system or application,…
-
Authentication Attacks:NOTES
Types: MFA Fatigue Attacks – Social Engineering Cyber attack repeatedly sending MFA requests; SPAM attack; Pass-The-Hash Attack – Steal Hashed user credentials then use them to create a new session; Pass-The-Ticket Attack – Steal Kerberos tickets and use them to move laterally through an organisations…
-
ReconTools:NOTES
Wayback Machine For reviewing internet archives; Free Via internet browser; archive.org/web ; Can see historical data about a website to identify new changes which may have vulnerabilities; Can potentially find out/recover sensitive information if published at a previous time; API Functionality; Maltego For Link…
-
Exploit Tools:NOTES
Metasploit Identifies potential exploits and provides ability to execute; Netcat Creates communication channels between two systems; Installed on linux, Install Nmap on windows to access ncat command; Put a system into listening state for remote connection later; Listening over ports; Remote connection to devices; Impacket…
