Curiosophy: A Future Forward Cast.

 Shodan, a search engine for internet-connected devices. They explain how Shodan gathers public information, like open ports and software versions, by "pulling banners" from millions of IP addresses, which is a legal form of passive reconnaissance. The tutorial demonstrates using Shodan's web interface and command-line tool to identify vulnerable systems, such as those running outdated software or exposing sensitive p...

 Shodan, a search engine for internet-connected devices. They explain how Shodan gathers public information, like open ports and software versions, by "pulling banners" from millions of IP addresses, which is a legal form of passive reconnaissance. The tutorial demonstrates using Shodan's web interface and command-line tool to identify vulnerable systems, such as those running outdated software or exposing sensitive p...

In this episode we provide a foundational overview of Nmap, a critical cybersecurity tool. The discussion highlights Nmap's primary function in identifying open ports and their associated services on target systems, a crucial step for both network administrators assessing their infrastructure and ethical hackers seeking vulnerabilities. The speakers explain basic Nmap commands like nmap -sT [IP address] for TCP scans and nmap -...

We discuss how Mexican drug cartels developed sophisticated, independent cellular networks to evade surveillance from governments and rival organizations. These private networks utilized older 2G/3G low-frequency technologies, like OpenBTS software and specialized hardware, to minimize the need for numerous cell towers, especially in remote areas. A key innovation highlighted is their advanced encryption methods, which generated te...

A comprehensive, hands-on course on Burp Suite, a leading software for web penetration testing. It explains Burp Suite's modular design and its various core components, such as Proxy, Scanner, Intruder, Repeater, Decoder, and Comparer. The course details how to set up Burp Suite, including configuring proxy settings and installing CA certificates for HTTPS interception, and demonstrates practical applications like spidering, vu...

A comprehensive, hands-on course on Burp Suite, a leading software for web penetration testing. It explains Burp Suite's modular design and its various core components, such as Proxy, Scanner, Intruder, Repeater, Decoder, and Comparer. The course details how to set up Burp Suite, including configuring proxy settings and installing CA certificates for HTTPS interception, and demonstrates practical applications like spidering, vu...

In the heart of the Cold War, CIA operatives Antonio and Jonna Mendez faced the impossible: spying on Moscow under constant surveillance and the ever-present threat of the KGB. The Moscow Rules dives into their thrilling story, uncovering the ingenious tactics and daring strategies they developed to outwit Soviet intelligence. From Hollywood-inspired identity swaps to high-tech gadgets straight out of a spy movie, Antonio and Jonna...

In the shadows of our modern world, there exists a realm of clandestine operations, where journalists, activists, and others engaged in high-stakes, asymmetric conflicts employ covert tactics to pursue their missions. In this provocative episode, we delve into the pages of "Under the Rose," a rare guide to the tradecraft of secret agents and operatives.

Join us as we explore the ethical, political, and psychological dimensions of c...

Transforming ATT&CK Heatmaps with D3FEND Matrix1 source

This video tutorial outlines the process of transforming MITRE ATT&CK heatmaps into defensive strategies using MITRE D3FEND. The presenter demonstrates how to export ATT&CK data, specifically threat actor and software heatmaps, into an Excel format. They then show how to utilize the D3FEND Attack Extractor tool to map these identified ATT&CK techniques to corres...

This podcast delves into Michel Houellebecq's provocative work "Annihilation," examining his unflinching portrayal of modern spiritual emptiness and societal decay. Join us as we analyze Houellebecq's nihilistic vision of contemporary Western civilization, his critique of consumerism, and his controversial perspectives on sexuality, religion, and human connection. Through close readings and cultural context, we'll explore how Houel...

Transforming MITRE ATT&CK heatmaps into defensive strategies using MITRE D3FEND. The presenter demonstrates how to export ATT&CK data, specifically threat actor and software heatmaps, into an Excel format. They then show how to utilize the D3FEND Attack Extractor tool to map these identified ATT&CK techniques to corresponding defensive techniques. The video emphasizes how this mapping helps organizations harden systems,...

The provided text explores how to maximize the Flipper Zero's capabilities for penetration testing by selecting the appropriate firmware. It highlights that while official firmware offers a stable foundation, custom firmware options like Unleashed, Momentum, and RogueMaster provide advanced features, extended frequency ranges, and enhanced customization crucial for comprehensive security assessments. The article also discusses ...

In this episode we look at how Mexican drug cartels developed sophisticated, independent cellular networks to evade surveillance from governments and rival organizations. These private networks utilized older 2G/3G low-frequency technologies, like OpenBTS software and specialized hardware, to minimize the need for numerous cell towers, especially in remote areas. A key innovation highlighted is their advanced encryption methods, wh...

This guide provides a comprehensive tutorial on the Flipper Zero, a multi-tool for physical penetration testing and software-defined radio experimentation. It outlines the initial setup, including firmware updates and custom firmware options, and explains the device's basic operations and key functionalities like RFID, Sub-GHz wireless, NFC, Bluetooth, Infrared, and iButton. The text further demonstrates practical hacking proje...

The provided text describes a new, alarming technology that allows individuals to see through walls using commonplace Wi-Fi signals. This capability is achieved by sending out Wi-Fi signals and then analyzing how these radio waves reflect and refract off objects and people within a room, similar to how eyesight works with light. With the integration of artificial intelligence (AI) and specialized software and hardware, this reflect...

 MITRE ATT&CK Navigator tool to create heatmaps, which are visual representations of threat intelligence. The presenter demonstrates building heatmaps for various threat actor groups like Sandworm and Lazarus, as well as for software strains such as BlackEnergy and Cobalt Strike, by assigning scores to the techniques they employ. Finally, the video illustrates how to generate a heatmap based on defensive mitigations to identify...

This video focuses on the MITRE ATT&CK Navigator tool to create heatmaps, which are visual representations of threat intelligence. The presenter demonstrates building heatmaps for various threat actor groups like Sandworm and Lazarus, as well as for software strains such as BlackEnergy and Cobalt Strike, by assigning scores to the techniques they employ. Finally, the video illustrates how to generate a heatmap based on defensiv...

introducing Ghidra, a free and open-source reverse engineering tool developed by the US NSA. The discussion highlights Ghidra's utility for disassembling software to understand its inner workings, which is crucial for malware analysis, identifying vulnerabilities, and even bypassing authentication mechanisms. OTW demonstrates basic reverse engineering techniques using "crackme" programs, such as searching for strings ...