Over the past decade, Azure’s presence in businesses has grown significantly as new features and support were added to Azure. The purpose of this article is to cover three main points: posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a
nccgroup/ScoutSuite
Scout Suite is a multi-cloud security auditing tool, which enables assessing the security posture of cloud environments. Using the APIs exposed by cloud providers, Scout gathers configuration data for manual inspection and highlights risk areas. github.com/nccgroup/ScoutSuite
OWASP/API-Security
This project is designed to address the ever-increasing number of organizations that are deploying potentially sensitive APIs as part of their software offerings. These APIs are used for internal tasks and to interface with third parties. github.com/OWASP/API-Security
The Githubification of InfoSec
This paper shows how a community-based approach of infosec can speed learning for defenders. Attack knowledge curated in the MITRE ATT&CK™ framework, detection definitions expressed in Sigma rules, and repeatable analysis written in Jupyter notebooks form a stackable set of practices. medium.com/@johnlatwc/the-githubification-of-infosec-afbdbfaad1d1
Phineas Phisher – Hack Back – Bank
SHARE TWEET Not a member of Pastebin yet? Sign Up, it unlocks many cool features! RAW Paste Data We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. pastebin.com/8rXhtqgr
Emutet
Emotet is one of the most active malwares nowadays, every day you can find new campaigns and new binaries. Emotet is a downloader that is able to download new modules with new features. Emotet is also used to download third party malware on infected machines. d00rt.github.io/emotet_network_protocol/
Eyeballer
Give those screenshots of yours a quick eyeballing. Eyeballer is meant for large-scope network penetration tests where you need to find “interesting” targets from a huge set of web-based hosts. github.com/bishopfox/eyeballer?utm_source=Unsupervised+Learning+Subscribers&utm_campaign=561eadbf91-EMAIL_CAMPAIGN_10_6_2019_8_57&utm_medium=email&utm_term=0_49fdb7d723-561eadbf91-495730845&mc_cid=561eadbf91&mc_eid=3db0667223
2017 State of DevOps Report
Over the past six years and more than 27,000 State of DevOps survey responses, we’ve found clear evidence that DevOps practices yield remarkable results for IT teams and organizations. puppet.com/resources/whitepaper/state-of-devops-report
API Security Testing(Part 1)
All the information mentioned in this article are of my personal and aren’t the opinions of my past or present employer. API Security Testing — It’s a little complicated area for a Pen tester on my personal experience. medium.com/@saumyaprakashrana_51250/api-security-testing-part-1-b0fc38228b93