Rolling for Resilience: A Strategic Guide to Cybersecurity Table-top Exercises
This is the first post in this series addressing my perspective on the current state of Cybersecurity Incident Response training and an approach to improve interest, participation, and expanded learning. Rolling a 1 on Engagement: Rethinking the Security Awareness Check Let’s be real, convincing ...
Continue Reading
What does PCI require for Developer Training?
Training |
PCI |
developers |
application security |
appsec
The Payment Card Industry Security Standards Council (PCI SSC) defines compliance standards for all ...
Continue Reading
Flipper Zero: A Hardware Hacking Multitool Webcast
Training |
hacking |
hardware |
webcast |
flipper zero
The Flipper Zero is known as a hacking multitool. It can cover a range of hacking from sub-ghz ...
Continue Reading
Unleashing the Power of Flipper Zero: A Hacker's Multitool Webcast
Training |
wireless |
webcast |
flipper zero
In the ever-evolving world of technology, the Flipper Zero has emerged as a game-changer, making ...
Continue Reading
Understanding Server-Side Template Injection (SSTI)
Testing |
Training |
QA |
web penetration testing |
penetration testing |
application security |
OWASP |
web application security |
methodology |
OWASP Top 10
Web applications play a vital role in delivering dynamic content to users. To achieve this, ...
Continue Reading
Introducing SamuraiWTF 5.3: A Powerhouse for Web App Pen Testing
Testing |
Training |
samuraiWTF |
web penetration testing |
application security |
professionally evil |
Secure Ideas |
hacking |
OWASP |
Project
We are thrilled to announce the release of SamuraiWTF (Web Training Framework) version 5.3! This ...
Continue Reading
Introducing BILE - Groundbreaking Classification for Web App
Training |
penetration testing |
OWASP |
web application security |
BILE |
OWASP Top 10 |
BILE Classification Scheme |
vulnerability classification
As a seasoned web application penetration tester, I've always felt that there should be a more ...
Continue Reading
Is the CISSP Mentorship for me?
“Knowledge is power.” That quote has been said more times than you can count because it’s true. The ...
Continue Reading
How to iterate through advfirewall rules
Training |
professionally evil |
Secure Ideas |
Windows 10 |
Windows 11 |
sysadmin |
system administration |
cmd |
powershell |
firewall rules
There are several ways to pull firewall information from a Windows system. Today we will leverage ...
Continue Reading
Working With Data: IP and Port Filtering
Training |
professionally evil |
Secure Ideas |
technology tips and tricks |
sysadmin |
data |
data manipulation |
excel |
spreadsheet |
filtering
During our day-to-day work, there’s a lot of data that we interact with. In order to make good use ...
Continue Reading
Coming Soon - Twelve Days of ZAPmas
In December of 2018, I published a twelve-day series of cross-site scripting tips, tricks, and ...
Continue Reading