because-security

Topic	Replies	Views	Activity
X86 - the 32 bit assembly workflows you need in Information Security for Malware Analysis and Exploit Development wiki coding , malware-analysis , ia32 , reverse_engineering , offdev , asm , x86_32 It's not about reading CISC, it's about the flows In Exploit Development and Malware Analysis, it’s not about reading assembly. It’s about understanding and directing the control flow. That is valuable. Who needs all the…	2	4365	August 26, 2021
Technical Compliance - Enterprise Security beyond silos, gimmicks and paper shields wiki compliance , iso-27001 , security_management , risk_management , bsi-standards , vda-tisax , nist , gdpr , pci-dss This is an intermediate level Wiki article about Information Security compliance. The InfoSec vs. Compliance FAQ section at the end is opinionated as well. Subsections deal with the integration points between an ISMS …	2	636	August 26, 2021
Make Application Security DevOps-friendly, continuous, manageable and keep it simple: GitHub Advanced Enterprise Security to Action(s) tech-notes software-testing , continuous-integration , sast , security_management , data_science , python , cast , linux , github , pandas , automation , coding , codeql , appsec	0	54	May 31, 2022
Because Security - Recent topics (October 2022) updates appsec , pandas , windows-environment , active-directory , python , log_management , log-analysis , data_science	0	59	October 28, 2022
A show-case of concurrent swapped security event enrichment with Modin (Pandas-style), Python, and mapping from a CSV - Pivot tables tech-notes automation , continuous-integration , pandas , coding , data_science , python	0	45	October 27, 2022
Cloudflare Enterprise Web Application Firewall (WAF) Logs - event enrichment techniques using Python Pandas and tabular correlation tech-notes splunk , cloudflare , elasticsearch , pandas , data_science , log-parsers , log_management , log-analysis , coding	0	94	October 14, 2022
Machine Learning is a multi-year journey - Wiki essay public-wiki-drafts machine-learning , automation , statistics , coding , python , data_science , scikit , supervised_learning , unsupervised_learning , artifical_intelligence , estimation-theory	0	237	May 6, 2021
VMware ESXi remote code execution - steps to defend your systems (CVE-2020-3992) blog esxi , vmware , linux , ovirt	1	390	June 1, 2021
A technical look a Horusec - OpenSource Risk-driven Application Security for DevOps (SAST / DAST / CAST) tech-notes sast , dast , cast , jenkins , continuous-integration , containers , code-reviews , coding , devops	1	823	May 19, 2021
Network Security Monitoring - Threat Hunting Snippets Snippets threat-hunting , zeek , network_forensics , linux , rita , passer	0	464	May 16, 2021
Pf-dup on a PfSense gateway for separate distributed IDS sensors blog intrusion-detection , openbsd , pfsense , linux , suricata , esxi , vmware , zeek , cnc , lab-building	1	901	May 16, 2021
KubeCon + CloudNativeCon Europe 2021+ Pipeline hack - my wrap-up blog compliance , security_management , devops , kubernetes , linux , information_management , infosec_con	1	317	May 14, 2021
Discourse as a blog / knowledge base since Nov 2015. Documentation is not boring blog editorial , discourse-app , information_management	1	375	May 3, 2021
Active Directory - advanced topics - Wiki public-wiki-drafts windows-environment , cloud , active-directory	1	83	April 29, 2021
CentOS 7 on a Lenovo T480 in an enterprise environment wiki linux-desktop , linux , centos	1	1088	April 29, 2021
Rate limiting (Technitium) DNS with pfSense (Community Edition) blog dns , firewall , network-engineering , pfsense	1	985	April 29, 2021
AWS Security Reviews with the command-line Snippets automation , aws , cloud	1	178	April 29, 2021
Elasticsearch API and Python - JSON in, garbage out wiki elasticsearch , python , jupyter , graphs , pandas , networkx , data_science , log_management , siem	1	1542	April 29, 2021
How to use ssh ProxyCommands on Windows 10 from Powershell blog ssh , windows-environment , linux , openbsd	1	9049	April 29, 2021
Motivation for Risk Analysis to improve Risk Management? Or do we just manage the chaos? blog iso-27005 , iso-27001 , fair , iso-31000 , data_science , compliance , security_metrics	1	575	April 29, 2021
Quick-tipp: Windows Group Policy for Software Restrictions in suspicious folders tech-notes windows-environment , active-directory , group-policies , quick-tipp	1	547	April 29, 2021
Quick-tipp: use Online file systems from WSL 1 (Ubuntu on Windows 10) tech-notes quick-tipp , windows , wsl_1	1	549	April 29, 2021
Linux Software-Security - practical things public-wiki-drafts linux , aslr , gdb , abi , unix , c , coding	1	229	April 29, 2021
InfoSec Jupyterthon (May 2020) - links wiki threat-hunting , coding , python , jupyter , infosec_con	1	464	April 29, 2021
How to rock at Serverless - from beginner to Knative and Kubeless blog automation , coding , cloud , devops , linux , jenkins , java , javascript , spring , react , serverless , micro-services , python , kubernetes , knative	3	2086	October 15, 2022
Autopsy - lab notes (hands on Blue Team) public-wiki-drafts forensics , incident_response , autopsy	1	314	April 29, 2021
Web Security basics: Third-Party assets and Application Security wiki web_apps , appsec , build-system , supply-chain	1	416	April 29, 2021
Quick-tipp: use Eclipse Theia as a Cloud-IDE like a web-version of VScode tech-notes quick-tipp , private_cloud , coding	1	742	April 29, 2021
Real World Java Security public-wiki-drafts appsec , java , coding , sast , sdlc	1	467	April 29, 2021
C++ Reverse Engineering - concepts and tools - Ghidra and WinDbg Preview wiki c , cpp , reverse_engineering , ghidra , radare , x86_32 , x86_64 , arm , windbg	1	6419	April 29, 2021

X86 - the 32 bit assembly workflows you need in Information Security for Malware Analysis and Exploit Development

coding , malware-analysis , ia32 , reverse_engineering , offdev , asm , x86_32

It's not about reading CISC, it's about the flows In Exploit Development and Malware Analysis, it’s not about reading assembly. It’s about understanding and directing the control flow. That is valuable. Who needs all the…

2

4365

August 26, 2021

Technical Compliance - Enterprise Security beyond silos, gimmicks and paper shields

wiki

compliance , iso-27001 , security_management , risk_management , bsi-standards , vda-tisax , nist , gdpr , pci-dss

This is an intermediate level Wiki article about Information Security compliance. The InfoSec vs. Compliance FAQ section at the end is opinionated as well. Subsections deal with the integration points between an ISMS …

2

636

August 26, 2021

Make Application Security DevOps-friendly, continuous, manageable and keep it simple: GitHub Advanced Enterprise Security to Action(s)

tech-notes

software-testing , continuous-integration , sast , security_management , data_science , python , cast , linux , github , pandas , automation , coding , codeql , appsec

0

54

May 31, 2022

Because Security - Recent topics (October 2022)

updates

appsec , pandas , windows-environment , active-directory , python , log_management , log-analysis , data_science

0

59

October 28, 2022

A show-case of concurrent swapped security event enrichment with Modin (Pandas-style), Python, and mapping from a CSV - Pivot tables

tech-notes

automation , continuous-integration , pandas , coding , data_science , python

0

45

October 27, 2022

Cloudflare Enterprise Web Application Firewall (WAF) Logs - event enrichment techniques using Python Pandas and tabular correlation

tech-notes

splunk , cloudflare , elasticsearch , pandas , data_science , log-parsers , log_management , log-analysis , coding

0

94

October 14, 2022

Machine Learning is a multi-year journey - Wiki essay

public-wiki-drafts

machine-learning , automation , statistics , coding , python , data_science , scikit , supervised_learning , unsupervised_learning , artifical_intelligence , estimation-theory

0

237

May 6, 2021

VMware ESXi remote code execution - steps to defend your systems (CVE-2020-3992)

blog

esxi , vmware , linux , ovirt

1

390

June 1, 2021

A technical look a Horusec - OpenSource Risk-driven Application Security for DevOps (SAST / DAST / CAST)

tech-notes

sast , dast , cast , jenkins , continuous-integration , containers , code-reviews , coding , devops

1

823

May 19, 2021

Network Security Monitoring - Threat Hunting Snippets

Snippets

threat-hunting , zeek , network_forensics , linux , rita , passer

0

464

May 16, 2021

Pf-dup on a PfSense gateway for separate distributed IDS sensors

blog

intrusion-detection , openbsd , pfsense , linux , suricata , esxi , vmware , zeek , cnc , lab-building

1

901

May 16, 2021

KubeCon + CloudNativeCon Europe 2021+ Pipeline hack - my wrap-up

blog

compliance , security_management , devops , kubernetes , linux , information_management , infosec_con

1

317

May 14, 2021

Discourse as a blog / knowledge base since Nov 2015. Documentation is not boring

blog

editorial , discourse-app , information_management

1

375

May 3, 2021

Active Directory - advanced topics - Wiki

public-wiki-drafts

windows-environment , cloud , active-directory

1

83

April 29, 2021

CentOS 7 on a Lenovo T480 in an enterprise environment

wiki

linux-desktop , linux , centos

1

1088

April 29, 2021

Rate limiting (Technitium) DNS with pfSense (Community Edition)

blog

dns , firewall , network-engineering , pfsense

1

985

April 29, 2021

AWS Security Reviews with the command-line

Snippets

automation , aws , cloud

1

178

April 29, 2021

Elasticsearch API and Python - JSON in, garbage out

wiki

elasticsearch , python , jupyter , graphs , pandas , networkx , data_science , log_management , siem

1

1542

April 29, 2021

How to use ssh ProxyCommands on Windows 10 from Powershell

blog

ssh , windows-environment , linux , openbsd

1

9049

April 29, 2021

Motivation for Risk Analysis to improve Risk Management? Or do we just manage the chaos?

blog

iso-27005 , iso-27001 , fair , iso-31000 , data_science , compliance , security_metrics

1

575

April 29, 2021

Quick-tipp: Windows Group Policy for Software Restrictions in suspicious folders

tech-notes

windows-environment , active-directory , group-policies , quick-tipp

1

547

April 29, 2021

Quick-tipp: use Online file systems from WSL 1 (Ubuntu on Windows 10)

tech-notes

quick-tipp , windows , wsl_1

1

549

April 29, 2021

Linux Software-Security - practical things

public-wiki-drafts

linux , aslr , gdb , abi , unix , c , coding

1

229

April 29, 2021

InfoSec Jupyterthon (May 2020) - links

wiki

threat-hunting , coding , python , jupyter , infosec_con

1

464

April 29, 2021

How to rock at Serverless - from beginner to Knative and Kubeless

blog

automation , coding , cloud , devops , linux , jenkins , java , javascript , spring , react , serverless , micro-services , python , kubernetes , knative

3

2086

October 15, 2022

Autopsy - lab notes (hands on Blue Team)

public-wiki-drafts

forensics , incident_response , autopsy

1

314

April 29, 2021

Web Security basics: Third-Party assets and Application Security

wiki

web_apps , appsec , build-system , supply-chain

1

416

April 29, 2021

Quick-tipp: use Eclipse Theia as a Cloud-IDE like a web-version of VScode

tech-notes

quick-tipp , private_cloud , coding

1

742

April 29, 2021

Real World Java Security

public-wiki-drafts

appsec , java , coding , sast , sdlc

1

467

April 29, 2021

C++ Reverse Engineering - concepts and tools - Ghidra and WinDbg Preview

wiki

c , cpp , reverse_engineering , ghidra , radare , x86_32 , x86_64 , arm , windbg

1

6419

April 29, 2021