Discover and read the best of Twitter Threads about #penetrationtesting
Most recents (6)
Excerpts from @JeremyHarbinger's Cognitive Biases and #PenetrationTesting: offensive-security.com/offsec/cogniti… 🧵
Due to the Sunk Cost Fallacy, it’s often emotionally easier to continue down a rabbit hole rather than just move on to a different attack vector, even if it causes us more pain and sufferance than the alternative.
What can we do about it? The following method works for me on many levels; we can apply it to machines on a network, to services on a machine, or to directories on a web application.
Another new idea for #PenetrationTesting and #Bug-hunting:
Tester:
Enhance the force of #vulnerabilities by doing things like
I discovered a free #URL that leads somewhere else.
Put this in my report and move on ?
Tester:
Enhance the force of #vulnerabilities by doing things like
I discovered a free #URL that leads somewhere else.
Put this in my report and move on ?
To the contrary, changing the #payload allowed me to transform it into a reflected #XSS #vulnerability. Is this the final question?
Obviously not if I have any hope of carrying on.
Obviously not if I have any hope of carrying on.
Here's a list of free #PenetrationTesting and #RedTeam Labs you may set up in your own home to enhance your #hacking abilities :
1) Red Team Attack Lab
A simulated setting where red teams can practice exploiting #vulnerabilities in various operating systems.
lnkd.in/ernefQv8
A simulated setting where red teams can practice exploiting #vulnerabilities in various operating systems.
lnkd.in/ernefQv8
2) Capsulecorp Pentest
#Capsulecorp is a lightweight virtual infrastructure operated using Vagrant and Ansible. One #Linux attacking system running #Xubuntu is included, along with four #Windows 2019 servers hosting a variety of #exploitable services.
lnkd.in/eYfGmNBe
#Capsulecorp is a lightweight virtual infrastructure operated using Vagrant and Ansible. One #Linux attacking system running #Xubuntu is included, along with four #Windows 2019 servers hosting a variety of #exploitable services.
lnkd.in/eYfGmNBe
My updated list of #penetrationtesting books you should have in your collection!
@PhillipWylie, @kim_crawley, @georgiaweidman, @Moos1e_Moose, @hackerfantastic, @Jennifer_Arcuri, @three_cube
Books to Start Your Penetration Testing Journey (2021 Edition)
alphacybersecurity.tech/books-to-start…
@PhillipWylie, @kim_crawley, @georgiaweidman, @Moos1e_Moose, @hackerfantastic, @Jennifer_Arcuri, @three_cube
Books to Start Your Penetration Testing Journey (2021 Edition)
alphacybersecurity.tech/books-to-start…
If you enjoy what I'm doing, please support by buying me a "coffee"!
I will use it to keep building the AlphaCyberSecurity.tech blog, #InfoSecUnplugged & share exclusive content to supporters/members of the #pack!
All support is greatly appreciated!
I will use it to keep building the AlphaCyberSecurity.tech blog, #InfoSecUnplugged & share exclusive content to supporters/members of the #pack!
All support is greatly appreciated!
I did this one before. But since we're making #30daysofthreads a great opportunity for folks to learn gems going into 2020, I figured I bring this one back!
With that being said, I will list 10 books to get started you in #hacking & #penetrationtesting
#CyberSecurity #infosec
With that being said, I will list 10 books to get started you in #hacking & #penetrationtesting
#CyberSecurity #infosec
“Penetration Testing" by
@GeorgiaWeidman
- 1 of the top books you must read if you're new to hacking or reviewing. Some material is dated but it is still a great book (Georgia is working on a new version. Don't bother her about it!) -
amzn.to/2WRB4N7
@GeorgiaWeidman
- 1 of the top books you must read if you're new to hacking or reviewing. Some material is dated but it is still a great book (Georgia is working on a new version. Don't bother her about it!) -
amzn.to/2WRB4N7
@georgiaweidman “Linux Basics for Hackers” by OccupyTheWeb
This book is great for those learning or working w/ Linux. It explains how to install Kali & what services are installed & what they're used for. This book also explains how to create scripts in BASH & Python
amzn.to/2NcCKNN
This book is great for those learning or working w/ Linux. It explains how to install Kali & what services are installed & what they're used for. This book also explains how to create scripts in BASH & Python
amzn.to/2NcCKNN
The @BBFC #AgeVerification "Certificate Standard" has been published.
This is the document which is being proffered to protect the facts & details of _YOUR_ online #Porn viewing. Let's read it together!
What could possibly go wrong?
ageverificationregulator.com/assets/bbfc-ag…
This is the document which is being proffered to protect the facts & details of _YOUR_ online #Porn viewing. Let's read it together!
What could possibly go wrong?
ageverificationregulator.com/assets/bbfc-ag…
@BBFC Well, that was fast:
"this is the foundation of the non-statutory, voluntary age-verification certification scheme (the Scheme)"
"Only age-verification providers that meet the requirements of the Standard…will receive certification"
What happens to the ones that don't?
"this is the foundation of the non-statutory, voluntary age-verification certification scheme (the Scheme)"
"Only age-verification providers that meet the requirements of the Standard…will receive certification"
What happens to the ones that don't?
@BBFC [ Incidentally, I am going through this in real time with a mug of coffee, so there may be some jumping back and forth. Don't expect perfection. ]
