Our great sponsors
-
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
-
CTF-Difficulty
This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
If you have the time and resources for it, consider setting up a complex lab environment (https://github.com/microsoft/MSLab is a helpful starting point) with a few different types of targets. Within that environment, you can break whatever you want, try different hardening techniques, etc. I like to use that type of lab to test detection capabilities and scripted/triggered automations using sysmon, wazuh, and caldera.
Related posts
- Books for pentesting and bug Bounty
- TryHackMe a good starting point?
- Best Web Application Security Training/Tutorial/Certificate for someone who already has OSCP but would like to go a bit more into web and has an annual budget of 5k to spend on any training?
- What’s a better way to get my foot in the door, tryhackme or hackthebox?
- Starting to learn cyber security