Play With Files Using Python

Managing files in Python is a fundamental skill, especially for tasks like analyzing logs, processing configuration files, or handling malware samples. Security analysts often need to manipulate files to extract information, monitor changes, or automate repetitive tasks. File Management in Python: Overview File Management Use Cases for Security Analysts 1. Analyzing Log Files Security analysts…

Regex – Regular Expressions

Regular Expressions (Regex): A Detailed Explanation and Use Cases for Security Analysts Regular Expressions (Regex) are sequences of characters used for pattern matching within strings. They are a powerful tool for searching, extracting, and manipulating text data, commonly used in security operations for log analysis, detecting malicious patterns, and rule creation. Regex Basics Examples and…

Wireshark VS Tcpdump

Wireshark and tcpdump are both powerful network protocol analyzers, but they have distinct characteristics and use cases. Here are the key differences and similarities between them: Differences User Interface Wireshark offers a graphical user interface (GUI), making it more user-friendly and visually intuitive. tcpdump, on the other hand, is a command-line interface (CLI) tool, which can…

How A Hackers Target Blocked By PASTA

The PASTA (Process for Attack Simulation and Threat Analysis) threat modeling framework does not explicitly define a specific set of security controls. Instead, it provides a comprehensive methodology for identifying and analyzing threats, which then informs the selection and implementation of appropriate security controls. However, based on the PASTA methodology, we can identify several categories…

The PASTA, Journey of TechGuard

The Process for Attack Simulation and Threat Analysis (PASTA) is a comprehensive, risk-centric threat modeling framework that consists of seven stages. To illustrate this framework, let’s follow the story of TechGuard, a growing software company developing a new cloud-based financial management application. Stage 1: Define Objectives TechGuard’s leadership gathers to set clear business and security…

SQL Injections

SQL injection is a cybersecurity vulnerability where attackers insert malicious SQL code into application inputs to manipulate or access database information. Let’s explore the types of SQL injections and prevention methods, then illustrate these concepts through a story set in medieval Japan. Types of SQL Injection Prevention Methods The Tale of the Ninja and the…

Hashing & Security

To understand hashing and its related attack types, let’s follow the story of SecureTech, a growing software company, and their journey to protect their digital assets. The Hashing Fortress SecureTech uses hashing to secure user passwords and verify data integrity. Hashing is a process that converts input data of any size into a fixed-length string…

Brute Force Attacks

When I was a kid, I found an old briefcase in my father’s stash. It was locked with a double 3-digit combination. The secrecy of its contents made me more curious and determined. My childish mind whispered, “Why not try all possible combinations, one by one? Start with ‘000-000’, then ‘000-001’, then ‘000-002,’ and so…