DLL Side-loading Attack
This post explains what is a DLL side-loading attack in the context of IT security. What is a DLL Side-loading Attack? A Dynamic Linked Library (DLL) is a file that is used on Windows systems to group functions. By…
Category Cybersecurity
Penetration Testing Methodologies
This post features penetration testing methodologies. Take into account that penetration or IT security testing may be consider a subset of quality assurance. You can read about IT security testing frameworks on this post. You can read about secure software…
Anonymity Networks
This post lists some anonymity networks: Tor / Onionland Freenet I2P ZeroNet Tor / Onionland Tor network is sometimes known colloquially as “onionland” because of the onion routing technology it uses. Official website Freenet Official website I2P Official website ZeroNet…
ISO/IEC 27001 Lead Implementer Certifications
ISO/IEC 27001 is an international standard to implement an ISMS in an organizations. It is issued jointly by International Organization for Standarization (ISO) and International Electrotechnical Commission (IEC). Professionals that want to get the knowledge to implement ISO/IEC 27001 and be…
Certifications for Windows Security Administration
This post lists some professional certifications for administration of Windows operating systems. List of certifications for Windows administration: Microsoft Certified: Security Operations Analyst GIAC’s GCWN Microsoft 365 Certified: Security Administrator Associate Microsoft 365 Certified: Modern Desktop Administration Associate List of…
How to get CISSP-ISSAP certification
CISSP-ISSAP (Information Systems Security Architecture Professional) is a certification issued by (ISC)2. CISSP (Certified Information Systems Security Professional) is another certification issued by (ISC)2 that is a pre-requirement for CISSP-ISSAP. A certification that requires CISSP as a pre-requirement is called…
How to get GDSA Certification
GIAC Defensible Security Architecture (GDSA) is an IT certification provided by Global Information Assurance Certification (GIAC), that is linked to training courses provided by SANS. This certificate was first issued in May 2019. The news about the launch can be…
How to get GISP Certification
GIAC Information Security Professional (GISP) is an IT certification provided by Global Information Assurance Certification (GIAC), that is linked to training courses provided by SANS. Do not confuse GIAC’s GISP with another certification related to GIS that shares the same…
How to get Info from default Settings of a wireless Device
When a wireless device has default settings from manufacturer, some info can be inferred from it. From a security point of view this is a weakness, because malicious users can leverage this data to identify quicker the possible vulnerabilities linked…
How to crack WPA2
Wi-Fi Protected Access 2 (WPA2) is one of the most widespread security standards for wireless networks. It has been replaced by more recent WPA3, but as of 2021 WPA2 is still more spread. This post explains briefly what is WPA2,…