In this video, we will explore 6 key technologies organizations use to mitigate Distributed Denial of Service (DDoS) attacks. We’ll also cover an overarching strategy to enhance resilience against these persistent threats. Each approach offers unique benefits and plays a critical role in building a comprehensive defense. These defenses help protect against disruptive cyberattacks thatContinue reading “Video: DDoS Mitigation Technologies”
Tag Archives: blue team
Blue Team Googledorks: Attack Tools
Github is an amazing place to organize and publish programming code (plus a lot more things like lists of resources or a community-written howto.) Exploit developers are actively creating cutting-edge attack tools here. The Googledork contains either: You can add in any other kinds of attacks that are relevant to you, just add them withContinue reading “Blue Team Googledorks: Attack Tools”
Blue Team Googledorks: Credential Dumps on Pastebin
A credential dumps is a list of usernames (usually email addresses) and their related passwords. They might have additional information such as address, credit card details, etc. And amazingly, some attackers and attack tools publish this information to Pastebin. Pastebin is a site that allows you to paste text into it, get a unique URLContinue reading “Blue Team Googledorks: Credential Dumps on Pastebin”
Blue Team Googledorks: Web Attacks
After starting a CSIRT for a CDN and web security vendor, I ran into a scenario where I needed to be able to find customers that had public security incidents that we could help them out plus we needed a way to find and track incidents for companies that weren’t customers. To use this Googledork,Continue reading “Blue Team Googledorks: Web Attacks”
Blue Team Googledorks: Online Account Checkers
Building on the concepts from our Account Checker Tutorial, a logical next step is to broaden our search to uncover other software tools and the communities that develop and use them. You’ll find numerous websites offering tools, ranging from direct downloads to Software-as-a-Service (SaaS) models for basic functionalities. Mastering the ability to locate these sitesContinue reading “Blue Team Googledorks: Online Account Checkers”
Blue Team Googledorks: Account Checker Tutorials
There is an activity called “Credential Stuffing that is very, very common for website owners to see. It starts with a list of usernames and passwords that you got from a data breach, phishing, trading with others, or buying on the Dark Web. You then put the list into a tool like MBA Sentry thatContinue reading “Blue Team Googledorks: Account Checker Tutorials”
New Blog Section: Blue Team Googledorks
Introduction to Googledorking Googledorking is the act of using Google advanced search operators in order to more finely tailor your searches. It’s good for general-purpose searches but where it really shines is when you start to use it in security operations in addition to other Cyber Threat Intelligence (CTI) activities and collection. Googledorking is aContinue reading “New Blog Section: Blue Team Googledorks”