What is DoS?

I’ve covered this in a few earlier posts, but DoS stands for Denial-of-Service. Denial-of-Service is a type of cyber attack technique where the attacker attempts to disrupt the availability of a service, application, or company. DoS attacks generally exist in one of two broad categories, Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS). Both have the same general intent in mind, but they take very different forms. Within the DoS there are a Network based attacks and Application based attacks.

Application layer attacks, also sometime called Layer 7 attacks, involve putting operational strain on the software serving the requests in such a way that it cannot handle additional requests — this is what we’ll be looking at with the ReDoS attack. …

The Setup

Imagine this, you’re a developer at Super corp. You’re working on a new web application and you’re planning on building it using Flask. Like many Macbook Pros, your laptop has some keyboard issues. No biggie. Typing like the wind, you try to install flask using pip. However, instead of typing pip install flask you end up with pip install flaskk.

The install completes in just a second, but you notice the typo. You uninstall flaskk and give the install a second try with the appropriate number of k’s. …

I’ve always been fascinated by how other Cybersecurity professionals ended up in their roles. For some it was a childhood dream to be a hacker (or catch hackers) after watching an old school hacker movie, others fell into roles organically after a career in enterprise IT, and if we’re being honest, some are in it for the money. With record shortages in skilled security personnel, the field is growing with more and more diverse people with different backgrounds.

I’ve always enjoyed my own origin story (though I may be biased), partially because it was so unexpected. Here it is.

Notice: Any names and specific details have been changed due to privacy concerns. …

First, what is cloud sprawl?

Cloud sprawl is the lack of controls against the expansion of an organization’s cloud instances, services or providers.

What are the dangers?

While instances and services are managed differently than providers, the lack of effective controls on any of these is a cause of concern for organizations.

A lack of visibility and control around the volume and types of instances and services offered by a Cloud Service Provider (CSP) is dangerous from a cost perspective as any unnecessary or untracked usage that is not contained can pose a serious financial burden. …

If you’ve done much Python development you’re probably familiar with importing dependencies using pip, or even easy_install, if you’ve been at this for awhile. Whether you were aware of it or not, these dependencies likely came from the public Python Package Index (PyPI) or perhaps an internal mirror of the PyPi repository that is hosted by your company.

What you may not have been aware of is how these dependencies are actually packaged, delivered, and installed, and the differences between the different distribution types available for Python.

The Primary Distribution Types

There are two primary distribution types in use today, Built Distributions and Source Distributions. …

Whether you’re a student, studying for certification, or a vulnerability management pro, finding cheap tools to satisfy educational requirements or satiate your scanning curiosity can be difficult. In this post I’ll be looking at my top 5 free vulnerability assessment tools.

Network Scanning vs. Vulnerability Assessment vs. Vulnerability Management

This terminology can get a little confusing. Network Scanning can often be boiled down to the act of port scanning and mapping a network. Vulnerability Assessment is one step beyond network scanning where there is an additional step to identify services and test for vulnerable software. Finally Vulnerability Management is the process of identifying, prioritizing, and remediation vulnerabilities detected in a network. …

⚠️This code in this post is meant for education purposes ONLY! f you don’t own or have explicit permission to do penetration testing against an application, DO NOT USE THIS CODE⚠️

What is a Tarbomb?

A tarbomb can actually be a few different things. One common definition is similar to the XML bomb we looked at previously which expands from a small file into a very large object in memory, in this case the tar archive contains many, many files which flood the file system when extracted. …

Technology is inundated with acronyms, and cybersecurity egregiously so. Here’s a quick cheatsheet you help you through your next certification, job interview, or day job. I’ve broken these down into categories here, but as always CTRL-F is your friend here.

I’ve purposely excluded protocols and crypto-related terminology from this list. Please feel free to share anything you think I should include in the comments or if you’d like to see a more complete extension of this list.

The Classics

CIA

Also know as AIC, ICA, or the CIA Triad. This isn’t the US intelligence agency, but rather stands for Confidentiality, Integrity, and Availability, which are considered by many to be the primary pillars of Cybersecurity. …