Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. https://github.com/MobSF/Mobile-Security-Framework-MobSF
Continue readingAuthor: Severin Winkler
The Consumer Authentication Strength Maturity Model (CASMM)
This post is an attempt to create an easy-to-use security model for the average internet user. Basically, how secure is someone’s current behavior with respect to passwords and authentication, and how can they improve? People …
Continue readingEnterprise access model
This document describes an overall enterprise access model that includes context of how a privileged access strategy fits in. For a roadmap on how to adopt a privileged access strategy, see the rapid modernization plan …
Continue readingPowerShell Logging and Security
This tutorial aims to help you get PowerShell logs from your endpoints into your SIEM to protect you from modern PowerShell abuse. https://www.secjuice.com/enterprise-powershell-protection-logging/
Continue readingWas neues um an EDR vorbeizukommen – ScareCrow
ScareCrow is a payload creation framework for generating loaders for the use of side loading (not injection) into a legitimate Windows process (bypassing Application Whitelisting controls). https://github.com/optiv/ScareCrow
Continue readingDas OWASP DevSecOps Maturity Model: Secure the Pipelines!
Schöne Darstellung des Matrix DevSecOps Maturity Model: https://dsomm.timo-pagel.de/
Continue readingEine Roadmap wie man in das Thema (Ethical) Hacking einsteigen kann…
This repository is an overview of what you need to learn penetration testing and a collection of hacking tools, resources and references to practice ethical hacking. Most of the tools are UNIX compatible, free and …
Continue readingDie größte Referenzliste an Listen zu Cyber Security Themen
Attacking & Securing Active Directory Table of Contents https://rmusser.net/docs/Active_Directory.html
Continue readingTop 16 Active Directory Vulnerabilities
Most organizations and business around the world today use Active Directory in their infrastructure as central management solution for managing their resources. But as any other similar technology, Active Directory is very complex and securing …
Continue readingPurchased Microsoft 365 E5, Now What?
The Microsoft 365 E5 suite is essentially a large amount of the products Microsoft offers for the Enterprise environment, more so focused towards the security and compliance areas.
Continue reading