
The New Frontiers of Cybersecurity – Exponential Increase in Complexity
What’s behind the growing complexity plaguing security teams today and what can be done to combat it (Part 3 of 3)? The post The New Frontiers of Cybersecurity – Exponential Increase in Complexity appeared first on SafeBreach ...

The New Frontiers of Cybersecurity – Attack Surface Explosion
What’s behind today’s unprecedented attack surface explosion, and how can cybersecurity teams address this growing threat landscape (Part 2 of 5)? The post The New Frontiers of Cybersecurity – Attack Surface Explosion appeared first on SafeBreach ...

The New Frontiers of Cybersecurity – How Did We Get Here?
Explore the reasons malicious actors have been able to dramatically enhance their ability to execute and profit from attacks (Part 1 of 5). The post The New Frontiers of Cybersecurity – How Did We Get Here? appeared first on SafeBreach ...

Defending Against Hacking’s Long Game: It Ain’t Over Till It’s Over
In the third quarter of Super Bowl LI, the New England Patriots trailed the Atlanta Falcons by a score of 28-3. History was against the Patriots’ chances of rallying for a comeback win. No team had ever overcome such a large deficit — especially so late in the game — ...

Pythonect Has New Graphs, Documentation, Tutorial, and More!
About two weeks ago I released a new version of Pythonect (0.6) with new features, documentation, tutorial, and a (small, but growing) example directory. I’d like to take this opportunity to discuss the past, present and future of the Pythonect Project. Nearly 2 years ago I started working on Pythonect with ...

Hackersh 0.1 Release Announcement
I am pleased to announce the Official 0.1 launch of Hackersh ("Hacker Shell") - a shell (command interpreter) written in Python with built-in security commands, and out-of-the-box wrappers for various security tools. It uses Pythonect as its scripting engine. Since it's the first release of Hackersh, I'd ...

Password Policy: You Are Doing It Wrong (When 2^56 Becomes 2^42)
They say the road to hell is paved with good intentions. This is often the case with non-standard password policies. About a month ago I visited my "favorite airplane company" website, and after successfully logging in with my Frequent Flyer credentials, I was redirected to an Update Password page where I've ...

Scraping LinkedIn Public Profiles for Fun and Profit
Reconnaissance and Information Gathering is a part of almost every penetration testing engagement. Often, the tester will only perform network reconnaissance in an attempt to disclose and learn the company's network infrastructure (i.e. IP addresses, domain names, etc.), but there are other types of reconnaissance to conduct, and no, ...

Fuzzing Like A Boss with Pythonect
In my previous post Automated Static Malware Analysis with Pythonect, I wrote about how to use Pythonect to automate static malware analysis. In this post I'll describe how to use Pythonect and all of its perks to fuzz file formats, network protocols, and command line arguments. The examples provided are ...

Automated Static Malware Analysis with Pythonect
About 5 months ago I released the first version of Pythonect - a new, experimental, general-purpose high-level dataflow programming language based on Python, written in Python. It aims to combine the intuitive feel of shell scripting (and all of its perks like implicit parallelism) with the flexibility and agility of ...