Let me brief you about the recent happenings in the cloud world and beyond!

Introduction

Gone are the days when we used to own servers or even rent them for our needs and then do scaling and other stuff manually. Now it’s all about cloud: AWS, GCP, Azure (and maybe even Oracle). It provides all the features that you might want, in a single place. Pay as you go and you get a lot of benefits: no headache of managing the infra and if things go wrong, cloud providers provide you the patches. If your workloads increase, you can get the…


Let’s briefly discuss ChaosDB, which has been a recent highlight in the cloud world.

Introduction

Gone are the days when we used to own servers or even rent them for our needs and then do scaling and other stuff manually. Now it’s all about cloud: AWS, GCP, Azure (and maybe even Oracle). It provides all the features that you might want, in a single place. Pay as you go and you get a lot of benefits: no headache of managing the infra and if things go wrong, cloud providers provide you the patches. If your workloads increase, you can get the instances auto-scaled to serve the increased load. All seems perfect.

But what happens if…


How to develop an intuition for Mass Assignment and exploit it like a pro!

Mass Assignment vulnerability: If there is nothing preventing users from touching sensitive data, eventually an attacker will do so!

Introduction

API Security is quite different from Web App Security! This difference is profound and led to the creation of the OWASP Top 10 for API Security specifically.

Why? Because we are seeing a shift towards the API world due to the uniformity and structure that it provides.

This approach of developing applications using APIs makes them interconnect with each other in ways we weren’t able to imagine in the pre-API world.

But as you can already imagine, what used to be internal is now exposed and this comes at a cost! …


In our lab walkthrough series, we go through selected lab exercises on our AttackDefense Platform. Premium labs require a subscription, but you can sign in for free to try our community labs and view the list of topics — no subscription or VPN required!

Performance monitoring and tracking tools can provide a wealth of information about a running system and its applications. The information can help in determining performance bottlenecks in an application and fine-tune its performance for a given architecture.

Okay, but as a security researcher, what value can I get out of these tools?

This information can also be useful for a security researcher as these tools reveal a lot of details about…



Sysdig is a simple yet extensive tool for deep system visibility, with native support for containers.

Sysdig instruments your physical and virtual machines at the OS level by installing into the Linux kernel and capturing system calls and other OS events. Sysdig also makes it possible to create trace files for system activity, similarly to what…



Host Intrusion Detection Systems can provide a wealth of information about a running system. They can help identify anomalies which could have been caused by a security incident and also monitor specified resources.

In this blog post, we will take a look at OSSEC HIDS logs and unearth suspicious activities.

Lab Scenario

We have set up the below…


Host Intrusion Detection Systems can provide a wealth of information about a running system. They can help identify anomalies which could have been caused by a security incident and also monitor specified resources.

Introduction

The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection…



Introduction

Linux Malware Detect (LMD) is a malware scanner for Linux, released under the GNU GPLv2 license, that is designed around the threats faced in shared hosting environments.

It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection. …

Shivam Bathla

Security Researcher @ Pentester Academy, https://www.linkedin.com/in/shivambathla
