So many of you have asked me about what is legal and illegal in hacking/pentesting that I decided it was time to address it directly. In our discipline, we may WANT to ignore the legal consequences until they slap us upside the head, but that’s not a very prudent strategy. To help all my apprentice […]
Continue Reading
To prevent password stealing and password hacking, many applications have adopted 2FA authentication. 2FA or 2-factor authentication, requires that the user authenticate not only using a username name and password (1 factor authentication but als a second authentication method such as send a one time password (2-factor authentication) to an authenticated device such as a […]
Continue Reading
In the previous tutorial, we learned about cloud technologies and how to conduct data gathering. It’s not always the case that the user whose access you managed to obtain will be an administrator, so it’s worth learning how to perform privilege escalation in an IAM environment. It’s recommended to start from the policies: our goal […]
Continue Reading
Welcome back, my aspiring radio satellite hackers! In this series of tutorials, we will be exploring hacking satellites from a multitude of approaches. Satellites have become a ubiquitous and necessary technology in our everyday lives. They provide us with internet access, television and radio signals, location services, satellite phone service and, of course, satellite images […]
Continue Reading
Cloud technologies are great for making it easy to set up infrastructure for apps and services. Increasingly, companies and independent developers are moving their projects to AWS, Azure, or others. In this article, we’ll get familiar with the basics of cloud technologies, find out what services we can use, and analyze how hackers can gain […]
Continue Reading
Welcome back, my aspiring cyberwarriors! In our industry, we often carry around some very valuable and sensitive data. This might include a bug bounty technique, a zero-day, future plans in our cyberwar, or simply confidential information on our family and friends that they have shared with us. It is critical that this information not fall […]
Continue Reading
Introduction. We already know what a C2, or Command and Control server is and, if you are not familiar you should take a look at our first post of this series. In the first post of this series, we walked through setting up and configuring one. Now, it’s time to test its functionality and get […]
Continue Reading
Welcome back, my aspiring radio hackers! With the advent of inexpensive radio devices such as the RTL-SDR, HackRF, LimeSDR and bladeRF, the possibility of hacking radio frequency (RF) communication and control devices has been blown wide open to anyone in the cybersecurity/infosec field. Although not commonly included in penetration tests, radio hacks should be considered […]
Continue Reading
Many of our aspiring cyberwarriors have been asking for a separate digital forensics and incident response (DFIR) training program and we have responded! This new program will use many of the existing courses on our Subscriber and Subscriber Pro platform and add additional, new courses specifically for digital forensics and incident response. We recognize that […]
Continue Reading
Welcome back, my aspiring cyberwarriors! SCADA hacking and security is different from traditional hacking in numerous ways. For a review of how SCADA hacking is different, check out my article here. One of the key ways that SCADA Hacking and Security is different is that the security professional is protecting the process and not necessarily […]
Continue Reading
Sec+ is the first step to becoming a cybersecurity professional and a job requirement for many roles.
Join Master OTW for an immersive, LIVE Bootcamp at just $249 (Free for Subscribers/Pro).
Hurry – only 20 guest spots available! Don’t miss your chance to pass your first certification.
We have never offered a package like this before!
This all-in-one bundle has helped countless beginners achieve their first certifications, including Security+, CWA, and Linux Basics.
Order today and receive the updated Sec+ 701 in February at no extra cost!
Each month one purchaser will be selected to