Penetration Testing Azure: The User-Friendly Guide

Microsoft Azure is a cloud platform that offers a wide range of services to its users. It’s used by organizations all around the world for a variety of reasons. However,…

Web Application Assessment using Burp Suite

Web Application Assessment Information Firstly, we need to understand why Web Application Assessment is important to any organization out there. As people should be aware by now, Web Applications have…

Cognitive Biases and Penetration Testing

by Jeremy Miller This post first appeared on November 30, 2021 and is republished with permission from the author. Disclaimer: The ideas below are my own and may not reflect…

OffSec 2020 Recap

2020 has been quite a year, hasn’t it? It’s been challenging in so many ways, but it was also exciting for us at OffSec. We thrive on bringing new training…

OffSec 2020 Recap

2020 has been quite a year, hasn’t it? It’s been challenging in so many ways, but it was also exciting for us at OffSec. We thrive on bringing new training…

Database Penetration Testing

In this post, I would like to share knowledge and experience while doing Database Penetration Testing. The purpose of Penetration Testing is to find vulnerabilities within the system and simulate…

QRLJACKING and QRLJACKER

In this post, i would like to share one attack method that will take advantage on QR Code which called Quick Response Code Login Jacking (QRLJacking). QRLJacking is a new…

Vulnerabilities Assessment vs Penetration Testing

In this post, I would like to share the difference between Vulnerabilities Assessment vs Penetration Testing during real-life security testing. However, some organizations might want to do Vulnerabilities Assessment and…

Privileges Escalation for Linux and Windows Operating System

What is Privileges Escalation For those are not very familiar with Privilege Escalation, it is an act of exploiting vulnerabilities or bug where the attacker will take advantages of the…

Active Directory Penetration Testing

Active Directory Penetration Testing normally covers exploiting misconfiguration within the Active Directory(AD). I’m still in the progress of learning Active Directory Penetration Testing so let learn together. Let recap on…