white2hack 📚

Infosec Strategies and Best Practices Gain proficiency in information security using expert-level strategies and best practices by Joseph MacMillan, 2023 The book starts by helping you to understand the core principles of information security, why risk management is important, and how you can drive information security governance. You'll then explore methods for implementing security controls to achieve the organization's information security goals. As you make progress, you'll get to grips with design principles that can be utilized along with methods to assess and mitigate architectural vulnerabilities. The book will also help you to discover best practices for designing secure network architectures and controlling and managing third-party identity services. Finally, you will learn about designing and managing security testing processes, along with ways in which you can improve software security. #book

Zed Attack Proxy Cookbook Hacking tactics, techniques, and procedures for testing web applications and APIs by Ryan Soper, Nestor N Torres, Ahmed Almoailu, 2023 Maintaining your cybersecurity posture in the ever-changing, fast-paced security landscape requires constant attention and advancements. This book will help you safeguard your organization using the free and open source OWASP Zed Attack Proxy (ZAP) tool, which allows you to test for vulnerabilities and exploits with the same functionality as a licensed tool. By the end of this ZAP book, you’ll be able to install and deploy ZAP, conduct basic to advanced web application penetration attacks, use the tool for API testing, deploy an integrated BOAST server, and build ZAP into a continuous integration and continuous delivery (CI/CD) pipeline. The file is provided for reference only. Trial period of use - 3 days. Please, buy a license copy! #book

Mastering Kali Linux for Advanced Penetration Testing**, Fourth Edition by Vijay Kumar Velu, 2023 Apply a proactive approach to secure your cyber infrastructure and enhance your pentesting skills #kali #book #pentest

Повышение привилегий на узлах локальной сети (в ОС Windows), 2023 #pentest #windows

sqlmap cheat sheet, 2023

Hack The Box CheatSheet #pentest #CTF

В армии как в кибербезе, на словах могут быть первая армия мира, топ вооружения, лучшие пройессиональные обученные бойцы, а по факту бутафория😅 так Red Tea, SoC, все приблуды, но "поломались" на какой-нибудь мелочи.. Всем мирного мира! И безопасных данных! #fun

Exploiting Reversing (ER) series: article 01 The first article (109 pages) in the Exploiting Reversing (ER) series Source #reverse

How Safe Is Your Password? Infographic by Statista #useful

Android Penetration Testing, 2023 Deep Link Exploration #pentest

Defense Evasion. Hide Artifacts (MiTRE ID:T1564) An artifact can simply be defined as an important system file, which thus includes documentation, test plans, images, and even some executable modules. Operating systems have a feature to hide these artifacts in order to avoid disrupting user work environments and prevent users from changing files or features on the system. However, an attacker can abuse these functionalities in order to carry out his evil intents by hiding these artifacts, which thus provides a clear path to evade detection. Let’s try to understand the above statement by taking a simple example. Once the attacker has his payload hidden, he can now carry it out for his malicious intent by tricking the system administrator. With that said, let’s have a look at the various approaches that the attackers take to evade their presence. #pentest