-
Linux Security Best Practices
Unfortunately, very few Linux distributions do this, which means that many systems are inherently insecure due to outdated kernels. To avoid this issue, make…
-
Cross-Site Request Forgery (CSRF) Protection in Rails
So what is CSRF? It stands for Cross-Site Request Forgery and it basically means someone can trick you into doing something on a website…
-
Analyzing Data for Security Purposes Using Python
I heard it’s a popular language in cybersecurity and would love to learn more about it. Python is indeed an incredibly versatile programming language…
-
CodeQL’s False Positives and How to Report Them
Don’t Worry, for I have some tips to help you avoid them (or at least report ’em properly). To start: what are these dastardly…
-
Centralizing Server Authentication Logs for Better Security and Insights
Configure Vector to parse your auth.log file using regular expressions. This will allow you to extract key information such as username, error messages, and…
-
Web Shells in Adversarial Context
Basically, a web shell is like having your own personal backdoor into someone’s website or server. It allows you to execute commands remotely, which…
-
Microsoft Office Templates and Persistence
They’re great if you need a quick start on something or want to save time by not having to create everything from scratch. But…
-
KernelCallbackTable Hijacking Techniques
It’s like when your friend borrows your car but then changes the radio station without asking. Except in this case, it’s way more dangerous…
