Collection of some interesting Google dorks - github.com/CorrieOnly/goo… #infosec #bugbountytips #cybersecurite

This repository contains all the Incident Response Playbooks and Workflows of Company's SOC. gitlab.com/syntax-ir/play…

Do you know you can get bounties for geolocating images? Simply find the coordinates where the uploaded pictures were taken📍 It looks impressive & promising, check it out & share your experience! geodetective.io Author: reddit.com/user/geodetect… #OSINT #GEOINT #INTEL

Threat hunters and Detection Engineers should be following this Pod! dcppodcast.com/links Notable guests: Olaf Hartong (LOLBas): youtu.be/47pwrsMucSg Roberto Rodriguez 🇵🇪 (MSTIC): youtu.be/6kZ99A8iXVo Dr. Anton Chuvakin (SIEM thought leader): youtu.be/SUVXVwAnsAg

Black Hat USA 2023 slides github.com/onhexgroup/Con…

Microsoft has observed a new version of the BlackCat ransomware being used in recent campaigns. This version includes the open-source communication framework tool Impacket, which threat actors use to facilitate lateral movement in target environments.

📧 Email address #OSINT Tools: 🔥Data leak 🔥Email validation 🔥Accounts linked to Email ✔️ epieos.com ✔️leakpeek.com ✔️dehashed.com ✔️osint.industries ✔️castrickclues.com ✔️snov.io/email-finder ✔️breachdirectory.org

Attempts to Sign in to Disabled Accounts let threshold = 3; let aadFunc = (tableName:string){ table(tableName) | where ResultType == "50057" | where ResultDescription =~ "User account is disabled. The account has been disabled by an administrator." | summarize StartTime =

Types of VPNs

From Zero to Google Dorking Hero: Enhancing Your OSINT Arsenal | by Ron Kaminsky | Aug, 2023 | OSINT TEAM osintteam.blog/mastering-osin…

A little while ago I wrote a potential AiTM detection, some people mentioned you couldn't turn it into a detection rule in Advanced Hunting because of the way M365 Defender maps fields, so I have added a version you can use as a detection - github.com/reprise99/Sent…

Handy query to find if multiple users have registered the same phone number for MFA, which is a common adversary tactic. This can happen for legitimate reasons too of course, but definitely worth having a look at - github.com/reprise99/Sent…

want to look for lateral movement via WMI? Don't worry cyber tweeps.. I got ur backs! Try using KQL and #Microsoft #Defender for Endpoint (MDE) DeviceNetworkEvents | where Timestamp > ago(24h) | where RemotePort == "135" | where ActionType == "ConnectionSuccess" | where

Useful resources for SOC Analyst and SOC Analyst candidates. github.com/LetsDefend/awe…

Here's one for your bookmark folks. There are some nuances to be aware of when you are using password hash sync and password write-back. TLDR; ✅ To provide the best experience to your users, you should have your help desk team move to using the Microsoft Entra portal instead

Complete CISSP Training for FREE: CISSP certification is a highly prestigious and Globally recognized certification in the information security industry. Here are Free Training Covering CISSP Complete 8 Modules: -Security and Risk Management. -Asset Security. -Security

See below query If you want to hunt/detect MFA Fatigue attempts: AADSignInEventsBeta | where Timestamp > ago(1h) //Error Code : 50088 : Limit on telecom MFA calls reached //Error Code : 50074 : Strong Authentication is required. //Error Code : 50058 : User is authenticated but

CISSP Certification FREE Course! A Complete CISSP 8 Domains Course for FREE. The CISSP certification is a prestigious credential demonstrating a professional's knowledge and expertise in information security. On average a CISSP certification holder earns about $131,030

Key Points from the #Verizon #Business #2024 #DBIR #Report: 1.Surge in Vulnerability Exploitation: In 2023, vulnerability exploitation increased by 180%, causing 14% of breaches, including the MOVEit breach.

Remote work is the future. 7 Remote Jobs without Interviews can help you make $100K+/year: (number 3 is easiest)