Office 365 Secure Configuration Framework by The National Cyber Security Centre (NCSC), february 2023
This document provides Office365 specific guidance to those implementing the Cyber Security Baseline Standards. The controls & maturity levels described in this document are guidance and, as per the Public Sector Cyber Security Baseline Standards, are intended to create an acceptable security standard and form a broad framework for a set of measures which can be revised over time. The framework model follows a holistic and comprehensive approach to the issues related to Cyber Security which combines the best of various standards to address the needs of key stakeholders.
#windows #hardening #docs
This document provides Office365 specific guidance to those implementing the Cyber Security Baseline Standards. The controls & maturity levels described in this document are guidance and, as per the Public Sector Cyber Security Baseline Standards, are intended to create an acceptable security standard and form a broad framework for a set of measures which can be revised over time. The framework model follows a holistic and comprehensive approach to the issues related to Cyber Security which combines the best of various standards to address the needs of key stakeholders.
#windows #hardening #docs
👍3
Office 365 Secure Configuration Framework.pdf.pdf
2.7 MB
Office 365 Secure Configuration Framework by The National Cyber Security Centre (NCSC), february 2023
👍3🔥1
The Software Developer’s Career Handbook by Michael Lopp, 2023
A Guide to Navigating the Unpredictable
At some point in your career, you'll realize there's more to being a software engineer than dealing with code. Is it time to become a manager? Or join a startup? In this insightful and entertaining book, Michael Lopp recalls his own make-or-break moments with Silicon Valley giants such as Apple, Slack, Pinterest, Palantir, Netscape, and Symantec to help you make better, more mindful career decisions.
With more than 40 stand-alone stories, Lopp walks through a complete job lifecycle, starting with the interview and ending with the realization that it might be time to move on. You'll learn how to handle baffling circumstances in your job, understand what you want from your career, and discover how to thrive in your workplace.
#book #job #world
A Guide to Navigating the Unpredictable
At some point in your career, you'll realize there's more to being a software engineer than dealing with code. Is it time to become a manager? Or join a startup? In this insightful and entertaining book, Michael Lopp recalls his own make-or-break moments with Silicon Valley giants such as Apple, Slack, Pinterest, Palantir, Netscape, and Symantec to help you make better, more mindful career decisions.
With more than 40 stand-alone stories, Lopp walks through a complete job lifecycle, starting with the interview and ending with the realization that it might be time to move on. You'll learn how to handle baffling circumstances in your job, understand what you want from your career, and discover how to thrive in your workplace.
#book #job #world
👍4
OReilly.The.Software.Developers.Career.Handbook.pdf
2.8 MB
The Software Developer’s Career Handbook by Michael Lopp, 2023
👍5
Linux permissions control who can access and manipulate files and directories on a system. They are a critical aspect of Linux security and are represented by a series of letters and symbols when you view file listings using the "ls -l" command. Here's a breakdown of Linux permissions:
File Types: The first character in the permission string represents the file type:
-: Regular file
d: Directory
l: Symbolic link
c: Character device file
b: Block device file
p: Named pipe (FIFO)
s: Unix domain socket
Permissions: After the file type character, you have three sets of permissions, each consisting of three characters:
The first set represents permissions for the owner of the file.mThe second set represents permissions for the group associated with the file. The third set represents permissions for others (everyone else)
🔹r: Read permission (viewing the file's content)
🔸w: Write permission (editing or deleting the file)
🔺x: Execute permission (running the file if it's a noscript or binary)
#linux
File Types: The first character in the permission string represents the file type:
-: Regular file
d: Directory
l: Symbolic link
c: Character device file
b: Block device file
p: Named pipe (FIFO)
s: Unix domain socket
Permissions: After the file type character, you have three sets of permissions, each consisting of three characters:
The first set represents permissions for the owner of the file.mThe second set represents permissions for the group associated with the file. The third set represents permissions for others (everyone else)
🔹r: Read permission (viewing the file's content)
🔸w: Write permission (editing or deleting the file)
🔺x: Execute permission (running the file if it's a noscript or binary)
#linux
👍9🔥3
Linux Bash Shell Cheat Sheet
It works with about every distribution, except for apt-get which is Ubuntu/Debian exclusive
#book
It works with about every distribution, except for apt-get which is Ubuntu/Debian exclusive
#book
👍6
Burp Suite Plugin Development Guide by Joas Antonio Dos Santos
Learn Burp Suite Plugin Development from Scratch. This is a short guide with 8 chapters starting with Hello-World Burp Suite plugin to Creating a plugin with Tabbed UI. This book contains chapters which in detail discusses about What Are Extender APIs, how those Extender APIs can be leveraged to create functionality of your choice.
Official page
The book
#web
Learn Burp Suite Plugin Development from Scratch. This is a short guide with 8 chapters starting with Hello-World Burp Suite plugin to Creating a plugin with Tabbed UI. This book contains chapters which in detail discusses about What Are Extender APIs, how those Extender APIs can be leveraged to create functionality of your choice.
Official page
The book
#web
👍5
Burp Suite Plugin Development.pdf
1.3 MB
Burp Suite Plugin Development Guide by Joas Antonio Dos Santos
🔥4👍1
SQL Injection Strategies: Practical techniques to secure old vulnerabilities against modern attacks by Ettore Galluccio, Edoardo Caselli, Gabriele Lombari, 2020
Learn to exploit vulnerable database applications using SQL injection tools and techniques, while understanding how to effectively prevent attacks.
You'll start with a thorough introduction to SQL injection and its impact on websites and systems. Later, the book features steps to configure a virtual environment, so you can try SQL injection techniques safely on your own computer. These tests can be performed not only on web applications but also on web services and mobile applications that can be used for managing IoT environments. Tools such as sqlmap and others are then covered, helping you understand how to use them effectively to perform SQL injection attacks.
#book #web
Learn to exploit vulnerable database applications using SQL injection tools and techniques, while understanding how to effectively prevent attacks.
You'll start with a thorough introduction to SQL injection and its impact on websites and systems. Later, the book features steps to configure a virtual environment, so you can try SQL injection techniques safely on your own computer. These tests can be performed not only on web applications but also on web services and mobile applications that can be used for managing IoT environments. Tools such as sqlmap and others are then covered, helping you understand how to use them effectively to perform SQL injection attacks.
#book #web
🔥7👍2❤1
SQL Injection Strategies.pdf
15.7 MB
SQL Injection Strategies: Practical techniques to secure old vulnerabilities against modern attacks by Ettore Galluccio, Edoardo Caselli, Gabriele Lombari, 2020
👍7
PhoneSploit Pro - PhoneSploit with Metasploit Integration
An all-in-one hacking tool written in Python to remotely exploit Android devices using ADB (Android Debug Bridge) and Metasploit-Framework.
GitHub
#pentest #hacktools #metasploit #mobile
An all-in-one hacking tool written in Python to remotely exploit Android devices using ADB (Android Debug Bridge) and Metasploit-Framework.
GitHub
#pentest #hacktools #metasploit #mobile
👍7
OWASP ZAP: Website Hacking & Penetration Testing Course by Sagar Raghuwan, Udemy, 2022
Ripped by Hide01 (Iran)
Learn all about web application penetration testing and website hacking
This course covers web application attacks and how to earn bug bounties. There is no prerequisite of prior hacking knowledge and you will be able to perform web attacks and hunt bugs on live websites and secure them.
This course is not like other hacking or penetration testing course with outdated vulnerabilities and only lab attacks. This contains maximum live websites to make you comfortable with the Live Hunting Environment. This course will start from basic principles of each vulnerability and How to attack them using multiple bypass techniques, In addition to exploitation, you will also learn how to fix them.
This course is completely focused over pen testing web applications with ZAP.
Password: @redbluehit
Official page
#education
Ripped by Hide01 (Iran)
Learn all about web application penetration testing and website hacking
This course covers web application attacks and how to earn bug bounties. There is no prerequisite of prior hacking knowledge and you will be able to perform web attacks and hunt bugs on live websites and secure them.
This course is not like other hacking or penetration testing course with outdated vulnerabilities and only lab attacks. This contains maximum live websites to make you comfortable with the Live Hunting Environment. This course will start from basic principles of each vulnerability and How to attack them using multiple bypass techniques, In addition to exploitation, you will also learn how to fix them.
This course is completely focused over pen testing web applications with ZAP.
Password: @redbluehit
Official page
#education
👍4
OWASP_ZAP_Website_Hacking_&_Penetration_Testing_Course_@RedBlueHit.zip
561 MB
OWASP ZAP: Website Hacking & Penetration Testing Course by Sagar Raghuwan, Udemy, 2022
👏4👍3🔥1
Forwarded from CyberSecBastion
👍5😱1
Forwarded from CyberSecBastion
Cloud Security Practical Guide .pdf
21.5 MB
Practical Guide to AWS Cloud Security by SANS, 2023
🔥4👍2
Forwarded from CyberSecBastion
Hacking and securiting Docker containers by Srinivasarao Kotipalli, Raksha Kannusami, Abhijeth Dugginapeddi, The Offensive Lab, 2023
#book #AttackDefense
#book #AttackDefense
👍4🔥4