Search Results

The Cyber Assessment Framework (CAF) is an extensive framework of fourteen principles used to assess the risk of various cyber threats and an organisation's defences against these. The framework applies to organisations considered to perform "vitally import...

The ROE is a document that is created at the initial stages of a penetration testing engagement. This document consists of three main sections (explained in the table below), which are ultimately responsible for deciding how the engagement is carried out. Th...

Hat Category Description Example White Hat These hackers are considered the "good people". They remain within the law and use their skills to benefit others. For example, a penetration tester performing an authorised engagement on a company. ...

Black-Box Testing This testing process is a high-level process where the tester is not given any information about the inner workings of the application or service. The tester acts as a regular user testing the functionality and interaction of the applicatio...

The CIA triad is an information security model that is used in consideration throughout creating a security policy. This model has an extensive background, ranging from being used in 1998. This history is because the security of information (information secur...

It is vital to administrate and correctly define the various levels of access to an information technology system individuals require.  The levels of access given to individuals are determined on two primary factors: The individual's role/function within t...

Before discussing security models further, let's recall the three elements of the CIA triad: Confidentiality, Integrity and Availability. We've previously outlined what these elements are and their importance. However, there is a formal way of achieving this. ...

Threat modelling is the process of reviewing, improving, and testing the security protocols in place in an organisation's information technology infrastructure and services. A critical stage of the threat modelling process is identifying likely threats that a...

Penetration tests can have a wide variety of objectives and targets within scope. Because of this, no penetration test is the same, and there are no one-case fits all as to how a penetration tester should approach it.  The steps a penetration tester takes dur...

SecLists: Lists with Usernames, Passwords, Patterns

PayloadsAllTheThings: Misc payloads and bypasses

https://pwnagotchi.ai/ Raspi w. Battery and display AI WiFi Pwning

https://flipperzero.one/ Buy here (165€) Universal Swiss Army Knife (BLE, NFC, IR, RF, GPIO, ...)

https://proxmark.com/ NFC Multitool

Covered in this PDF: https://www.monitoringtimes.com/antennabook.pdf

Firmware IJV-Mod v3: https://www.universirius.com/en_gb/preppers/quansheng-uv-k5-manuale-del-firmware-ijv_v3/