To experiment properly you need a good Active Directory VM lab setup: an environment where you can run the kinds of tests you want to do and where it is OK if the environment breaks. So the environment needs to be easy to rebuild or roll back to a functional point in time. This post will …
Analyze Nmap traffic with Wireshark
To figure out what Nmap is really doing behind the scenes you can analyze Nmap traffic with Wireshark. Whether Nmap is not showing the expected result or you just want to look at the packets – this is a great network lab. Nmap ping probes analyzed with Wireshark The background to this post is that …
Create a SSRF vulnerable website
Create a SSRF vulnerable website to understand the vulnerability and its implications. While learning to use basic building blocks of a website you can learn what issues developers and defenders face and at the same time learn to detect and abuse SSRF. Create a SSRF vulnerable website – LAB In the lab available at Substack …
Create a XSS vulnerable website
Learn XSS through practice and create a XSS vulnerable website. It is vital for you to know the most common web vulnerabilities, whether you are working on the defensive blue side or on the offensive red side. Knowing them and their potential impacts helps you to become a better security practitioner. …
Your own personal security risk hygiene check
Perform your own personal security risk hygiene check to see where you stand. What assets or information do you have that are important and valuable to you? How is this information protected today? What risks could affect your valuable information – imagine a few worst-case scenarios: how well do you hold up? Have …
Flask app login vulnerable to SQL injection
In this lab you will create a Flask app login vulnerable to SQL injection. Learn the basics of SQL injection by actually writing code that is vulnerable to it. Hack your own Flask app login page and then rewrite the code to not be vulnerable. The impact of SQL injection could be catastrophic so make …
How to build and hack a simple Flask web app with OWASP
How to build and hack a simple Flask web app with OWASP? Well, not with OWASP, but you can use OWASP as inspiration on what to build and hack. The idea behind this post is to explore web vulnerabilities both as a Bug Bounty hunter or a penetration tester, a SOC analyst / Blue teamer, …
Threat Detection Methods
To detect security threats effectively you can utilize five different threat detection methods. By organizing your threat detection by different techniques you will improve your chances of finding security threats. The different threat detection methods complement each other and are strong from different angles – combining them will help you the most. Threat detection approaches …
Manual Windows anomaly detection
Manual Windows anomaly detection is always a current topic since threat actors and hackers will always target Windows computers. Knowing different tools and techniques for observing what is happening on your system is essential to be able to detect an intrusion. By continuously observing processes, DLLs, and services you will know what is normal for …
Windows services anomaly detection script
Create your own Windows services anomaly detection script in Python to detect a common technique used by real hackers to gain persistence on your computers. By running a program as a service the program gains persistence – the ability to keep running even if the computer is rebooted. The ability to detect which services are …