In the fields of Cybersecurity and DevOps, there is no substitute for hands-on experience with cloud infrastructure. To further my own practice, I have recently started diving into the Microsoft…
All modern websites consist of at least 3 fundamental components: HTML, CSS, and JavaScript. HTML creates structure, CSS is used for styling, and JavaScript enables interactive user experiences through manipulation…
In this lab exploring HTML forms-based authentication, I use Burp Suite to fuzz a username of interest to discover a valid password combination. “Fuzzing” in the context of web application…
An interception proxy is a must-have tool in any web application penetration tester’s arsenal. In brief, an interception proxy is an application downloaded on a host computer and sits in-between…
In the world of digital forensics, we can envision data as belonging to two distinct categories. Those categories are either volatile, or non-volatile states of data (Mohanta, 2020). Volatile data…
It is difficult to ignore how the internet has now made it possible to cause harm in a digital environment (McGovern, 2018). According to Western interpretations of proper jurisprudence and…
Once a vulnerability is discovered in any given IT system, one common payload a malicious attacker often wants to deliver is a reverse shell. From the black-hat attacker’s perspective, he…
In today’s modern tech-centered business environment, corporations like Facebook, Google, and Amazon have collected extensive analytics of users’ online digital behavior in order to build, maintain, and increase their market…
Nmap is an extremely powerful, free and open-source network mapping utility that can be used for many purposes. In this post, I provide a brief overview of what Nmap can…
In this writeup, I will cover how a custom script in python “knows” to read text input by the user written at the command line. In line 1, the sys…