Blog

Penetration Testing Wiki

RCE

RCE stands for Remote Code Execution. It is the most critical type of vulnerabilities as it means that an attacker can execute arbitrary code and take ownership of a remote account or machine.

exploit kit

An exploit kit or exploit pack is a type of toolkit cybercriminals use to attack vulnerabilities in systems so they can distribute malware or perform other malicious activities. Some known exploit kits are mpack, neutrino, angler, magnitude, RIG, nuclear, phoenix or crimepack. Usually are sold in the dark market using a subscription model (i.e. 500…
Read more

exploit

An exploit is a program or system designed to take advantage of a particular error or security vulnerability in computers or networks. Look also exploit kit.

CTF

A Capture the Flag (CTF) is a computer security competition. CTF contests are usually designed to serve as an educational exercise to give participants experience in securing a machine, as well as conducting and reacting to the sort of attacks found in the real world. Usually are structured in different levels, and each level has…
Read more

bug bounty

A bug bounty program is a deal offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities. The most important ones are: https://www.bugcrowd.com https://www.hackerone.com https://bountyfactory.io For each vulnerability sent that is eligible for bounty (i.e. it is inside the scope…
Read more

0day

Zero day or 0day is an exploit that has been released or leaked to the public before the vendor has submitted a patch for the vulnerability. That means that is being used in-the-wild by threat actors.

blue team

Blue team is an specialized group of cybersecurity professionals, experts in threats identification, cybersecurity incidents analysis, remediation and forensics. As opossed to the red team, blue team has to identify, detect and prevent cyberattacks. Usually they work inside a SOC (Security Operations Center) in 24×7 shifts. They constantly monitor SIEM and other sources of information…
Read more

red team

A red team is an offensive group of cybersecurity experts that inside an organization tries in a covert manner to gain information through several techniques as social engineering, phishing, etc and compromise several parts or completely the organization. Its counterpart is the blue team.

Petrochemical plant

OT industrial cybersecurity: ModBus protocol

OT stands for Operational Technology, contrary to the IT that is Information Technology. Inside IT we put things such as servers, computers, laptops, smartphones, etc. OT is more focused on more low-level devices that keep factory lines busy, as for instance, a PLC (Programmable Logic Controller) that can control an hydraulic valve or a nuclear…
Read more

SecDevOps: Protecting Terraform state file

Terraform is one of the most used tools to deploy Infrastructure as a Service or IaaS for short, but we have to manage it in a secure way. Some developers add the terraform state file terraform.tfstate into the repository to share it among developers easily, which turns out to be a very bad idea as…
Read more