Our team researches and documents bleeding-edge security concepts and hacking techniques. This blog explores these topics and more to keep you informed.
What is a Proxy? To be able to understand ProxyChains and how they operate, we first need to understand what a proxy is. A proxy or a proxy server is a system that acts as a “middleman” between a client and a server. It is typically used to
What is Nmap? Nmap is a console based, free port scanning and network mapping tool originally released in 1997 by Gordon Lyon. Nmap allows a user to scan remote or local networks for open ports, connected hosts, and detect what services and
Finding, implementing, and supporting cybersecurity tools and services within an organization can be a daunting task for a company of any size. There is no shortage of cybersecurity tools and services available to address just about every area of
What is Log4Shell? Log4Shell is a critical vulnerability that affects the Log4J Java logging library (versions 2.14.0 and earlier) bundled into the Apache logging services. The vulnerability allows remote code execution (RCE) by a malicious actor
Nikto is a web server and CGI scanner written in pearl. It can identify a wide array of common web application vulnerabilities and is a valuable tool during the scanning and enumeration process. It comes by default installed on kali the latest
Network security is a unique field of IT, and unlike many other IT fields, it seems almost hostile to anyone new and looking to learn about pentesting. I’ve heard several statements that boil down to “I want to learn how to be a pentester but I
Ah yes, credential stuffing! Almost as common as thanksgiving stuffing, yet as distasteful as black Friday shopping. Credential stuffing is especially effective when it’s coupled with user enumeration. The likelihood of user enumeration attacks
In this blog we discuss dangling DNS and how if left unresolved, an attacker can mar the reputation of a victim company. First let’s start by defining Domain Name System (DNS). A Domain Name System is an assortment of databases that
Bringing your own device (BYOD) is a common practice within many organizations and due to COVID-19, the adoption of BYOD has expanded. The belief that software or applications can protect data from bad actors or negligence does not always take
Latest posts
Our team researches and documents bleeding-edge security concepts and hacking techniques. This blog explores these topics and more to keep you informed.
How to Use ProxyChains
By Dre Porter | July 19, 2022 | Blog
What is a Proxy? To be able to understand ProxyChains and how they operate, we first need to understand what a proxy is. A proxy or a proxy server is a system that acts as a “middleman” between a client and a server. It is typically used to
Nmap Network Scanning Cheatsheet
By Daniel Cornett | March 12, 2022 | Blog
What is Nmap? Nmap is a console based, free port scanning and network mapping tool originally released in 1997 by Gordon Lyon. Nmap allows a user to scan remote or local networks for open ports, connected hosts, and detect what services and
Are Your Cybersecurity Investments In Tools and Services Paying Off?
By Joedy Glenn | January 14, 2022 | Blog
Finding, implementing, and supporting cybersecurity tools and services within an organization can be a daunting task for a company of any size. There is no shortage of cybersecurity tools and services available to address just about every area of
Why Critical Vulnerabilities Like Log4Shell Will Continue to Surface
By Cornel du Preez | December 14, 2021 | Blog
What is Log4Shell? Log4Shell is a critical vulnerability that affects the Log4J Java logging library (versions 2.14.0 and earlier) bundled into the Apache logging services. The vulnerability allows remote code execution (RCE) by a malicious actor
Nikto Cheatsheet and Examples
By Ryan Fisher | November 19, 2021 | Blog
Nikto is a web server and CGI scanner written in pearl. It can identify a wide array of common web application vulnerabilities and is a valuable tool during the scanning and enumeration process. It comes by default installed on kali the latest
Hacking 101: Getting Your Bearings
By Rob Waltman | August 19, 2021 | Blog
Network security is a unique field of IT, and unlike many other IT fields, it seems almost hostile to anyone new and looking to learn about pentesting. I’ve heard several statements that boil down to “I want to learn how to be a pentester but I
User Enumeration in a Production Environment – Credential Stuffing 101
By Ryan Fisher | July 19, 2021 | Blog
Ah yes, credential stuffing! Almost as common as thanksgiving stuffing, yet as distasteful as black Friday shopping. Credential stuffing is especially effective when it’s coupled with user enumeration. The likelihood of user enumeration attacks
Dangling DNS: Low Hanging Fruit with Severe Consequences
By Ryan Fisher | April 28, 2021 | Blog
In this blog we discuss dangling DNS and how if left unresolved, an attacker can mar the reputation of a victim company. First let’s start by defining Domain Name System (DNS). A Domain Name System is an assortment of databases that
Exploiting Bring Your Own Device (BYOD)
By Anthony Ralston | February 12, 2021 | Blog
Bringing your own device (BYOD) is a common practice within many organizations and due to COVID-19, the adoption of BYOD has expanded. The belief that software or applications can protect data from bad actors or negligence does not always take