Posts

The article explores the history of open-source software and its impact on the computing industry, from the rise of Microsoft and proprietary software to the birth of Linux and the GNU Project, the emergence of open-source software, and the mainstreaming of open-source software, highlighting key players, developments, and anecdotes, while also discussing its relevance to cybersecurity and the need for community-driven development and collaboration.

This article explores the importance of TTP (tactics, techniques, and procedures) analysis in detecting and mitigating cyber threats, including its role in guiding investigations, assisting in attribution, and informing predictive analysis, using examples of TTP analysis in well-known attack campaigns.

This article explains Scenario-Based Testing (SBT) in detail, its benefits, tools and techniques used, and provides examples of how SBT can be used in Red Team Exercises to identify vulnerabilities and weaknesses in an organization’s security defenses.

This article provides an in-depth overview of advanced malware analysis techniques, including manual and automated disassembly, decompilers, debuggers, and dynamic binary instrumentation (DBI), with examples of tools and outputs provided for each technique.

This article is an introduction to the Lua programming language for pen testers and red team members, covering its basic concepts and syntax, examples of its use in network analysis, password cracking, and web scraping, and weighing its pros and cons compared to other languages.

This article is a comprehensive overview of the history and evolution of the x86 architecture, including its predecessors, competitors, and its significance to cybersecurity.

This article provides an in-depth analysis of the vulnerabilities and best practices for securing Industrial Control Systems (ICS) against cyber-attacks for an advanced audience of experienced security professionals, including sections on lack of network segmentation, weak authentication, outdated software and firmware, lack of monitoring and logging, vulnerable remote access, and SCADA hacking tools.

This article explores the concept of application layer firewalls, how they work, their importance in network security, and some tools used to test them.

This article explores a range of covert communication and exfiltration techniques for Red Team operations, including protocol-level channels, social media, and out-of-band exfiltration techniques.

This article provides an introduction to PowerShell scripting, including basic concepts and syntax, specific code examples for pen testing and red teaming tasks, and the language’s pros and cons compared to other programming languages in the field.