One of the most underrated resources in your toolkit as an I.T. Professional is your ability to take notes. Ironically, this is also one of the least mentioned skills discussed when learning the fundamentals of anything new. We often get asked a variety of questions...
The year 2022 has wrapped up and I find it helpful to share some of the most common findings I have encountered throughout the year. Some of these may not be surprising as they are covered in almost every cybersecurity awareness training course there is. However, it...
Prototype pollution allows an attacker to modify the prototype of an object. This means we can potentially assign new properties or methods to an object. Furthermore, we may be able to overwrite existing properties. If you’re unfamiliar with prototypes and...
As with any industry, with jargon comes confusion and misunderstanding. 2022 saw a huge rise in the popularity of the buzz-word “Red Team”, but what is the essence of a Red Team? Popular opinion on social media may say “it’s a pentest with no scope,” but that’s a...
When on the cusp of receiving an external penetration test, clients want to prepare themselves for it. We often get asked what’s the easiest way to improve their score before the engagement has begun. Below are the top 3 ways to improve your external penetration...