Let’s be honest, unless you are hired to be a Security Officer for a company, creating a cyber security plan is not your main priority. Well, in this day in age, I would rethink your strategy and embrace cyber security as a common practice for any business, small or large.
As a security professional, I find myself doing more malware removal from websites that are run using either WordPress, Joomla or Drupal. Most of what I find are php files that are riddled with base64 code. This code is great for threat actors to hide their invasive malware from malware scanners. I want to show you how to find this code and show what is hidden in your php files.
Cybersecurity has become one of the top sought after careers in the Information Technology field. Careers ranging from an ethical hacker to a security auditor. With so many options to choose from, where do you start to pursue such a purposeful and exciting future? I will explain some of the top certifications that are offered and what fields they are associated with. https://komunity.komand.com/learn/article/cybersecurity-careers-and-the-certifications-needed/
As a penetration tester I have many tools that I use to help with web application testing, but the one tool that never lets me down is Burp suite by portswigger. Burp suite is an intercepting proxy that allows you to modify and inspect web traffic, it comes in two flavors, free and paid. The free version is powerful enough to assist any pen test engineer, whereas the paid version… Read More »Burp Series: Intercepting and modifying made easy
In Kali, the command dmitry (Deepmagic Information Gathering Tool), is a Linux/GNU program that is written in C and will do whois lookups, port scans, email search and more. The following is a list of the current features: An Open Source Project. Perform an Internet Number whois lookup. Retrieve possible uptime data, system and server data. Perform a SubDomain search on a target host. Perform an E-Mail address search on… Read More »Information Gathering using Dmitry