eLearnSecurity Blog

Archives

Pentesting 101: Human OSINT

When gathering initial information, penetration testers need to focus on an organization’s human element.

In the last article, Hisomeru covered the technical aspects of Open Source Intelligence or OSINT. OSINT traditionally comes in two different forms, Technical and Human. For penetration tests, it is equally important to know the human aspect of the target network just as well as knowing the technical aspects.

Read more

Cyber Criminals Taking Advantage of Coronavirus Pandemic

Malware and phishing attacks during a global pandemic emphasize the need for trained cyber security professionals

The staggering number of new COVID-19 cases reported every day are one reminder that the world is facing massive upheaval. With an unprecedented amount of the workforce resigned to home offices and IT teams struggling to monitor activities of their co-workers, the coronavirus has also turned into a boon for cyber criminals.

Read more

The Legal Ramifications of Cyber Security Threat Intelligence Gathering

IT teams that access dark forums for cyber security intelligence are urged to use caution and practice transparency

While dark markets and the dark web can provide valuable information for cyber security professionals, organizations and individuals need to follow laws and regulations and maintain open lines of communication with law enforcement to avoid major investigative scrutiny.

Read more

eLearnSecurity’s Threat Hunting Professional Webinar is Coming

Learn more about updates to our Threat Hunting Professional Course and Watch a Live Lab Demo

eLearnSecurity will release a new version of Threat Hunting Professionals (THPv2) during a live webinar on March 24th. During the one hour webinar, course creators Dimitrios Bougioukas and Slavi Parpulov will discuss the essentials of threat hunting and outline course updates that address the modern threat landscape.

Read more

Pentesting 101: Using Shodan for Cyber Security Technical OSINT

Hisomeru’s final thoughts on Technical OSINT and gathering information in the initial penetration testing phase

If you missed missed part one or part two of our pentesting series, start there then come back to this article.

One of the most comprehensive ways to gather Technical OSINT on a penetration testing target is to use a search engine called “Shodan.” Shodan isn’t a normal search engine like Google or DuckDuckGo.

Read more

Five Skills That Will Boost Your Pentesting Career

Finding your cyber security dream job starts with the proper training pathway.

Penetration testing is a fulfilling and lucrative position within the cyber security industry. Otherwise known as ethical hackers, pentesters work with companies to exploit weaknesses in their network, systems, and applications to ultimately create a safer online environment.

Read more

Pentesting 101: More Domain Tools

Tools of the trade for cyber security professionals

In the first article in eLearnSecurity’s introduction to pentesting methodology, Hisomeru discussed why Technical OSINT is foundational to penetration testing and introduced tools to gather information from a client. In this article, Hisomeru continues the discussion on how to collect Technical OSINT.

Read more

Penetration Testing 101

An Introduction to Cyber Security Methodologies

This is a new series of articles that will cover the complete penetration testing methodology based largely on case studies of previous hacks. These articles will cover initial reconnaissance, picking an attack vector, gaining a foothold, maintaining presence, lateral movement, and finally going after the prize.

Read more

Go to top of page