In this blog post, we will see the solution of a Hack-The-Box reversing challenge called “Impossible Password”. Its been a long time solving some reversing puzzles :)
In this post, I will show how I resolve the machine called Brainfuck. The difficulty of this macihne is hard.
In this post, I will show how I resolve the machine called LAME. The difficulty of this macihne is easy. This is my first post about the hack the box machines. I will write more writeups about HTB macihnes.
Vulnerability scan tools you identify vulnerabilities in your infrastructure. You can perform manual and automated scans. But, in some cases, you may need to integrate your scannner with another tool such as devops pipeline (jenkins) or VM build pipeline.
if you are using Docker in your local or remote ennvironment, sometimes you might have trouble to manage Docker images and containers. I want to share a small cheatsheet that I used. I think this is very short and usefull cheatsheet.
Secret scanning is an essential process before application deployment. You need to check any information left in the code, such as password, keys, etc. There are many tools to identify secrets. Whispers are one of those tools, and it is opensource. But this is a command-line tool.
Nexpose has lots of features to generate reports. But in some cases, the features in the UI may not be useful for you. You may need to create custom reports for your vulnerability management process. Also, you may need to generate a custom data related to your organization.
Database security is the relevant topic that has been in discussion on security personnel. The increasing number of incidents dictates that it should be noticed immediately. Database security should offer a protected and controlled access to the users and should maintain the overall data quality.