Kubernetes Security Review Cheat Sheet
Command reference and resources for reviewing the security posture of a Kubernetes infrastructure.
Knowledge Base for Penetration Testing
Quickly build a simple reverse shell that evades Windows Anti-Virus (AV) detection using default Kali Linux tools. Mitigation recommendations are presented at the end of the article for defense fortification.
In this article, you will learn how to create secure HTTPS gateways on Kubernetes. We will use Cert Manager to generate TLS/SSL certificates. With Istio we can create secure HTTPS gateways and expose them outside a Kubernetes cluster. Our test application is built on top of Spring Boot. We will consider two different ways of […]
In today’s tutorial, we are going to see how you can add a user to sudoers on Debian distributions. The sudo command allows authorized users to perform commands as another user, which is by default the root user. There are two ways to add a user to sudoers: you can add this user to […]
As a system administrator, you are probably already familiar with the LDAP protocol. If you are working in a medium to large company, you can be sure that your company already owns an LDAP server, whether it is on Linux or Windows. Invented in the early 80s, the LDAP protocol (for Lightweight Directory Access Protocol) […]
Lesson 1: Explaining the Importance of Security Controls and Security Intelligence Topic 1A: Identify Security Control Types Review Activity: Security Control Types Topic 1B: Explain the Importance of Threat Data and Intelligence Review Activity: Threat Data and Intelligence Lesson 1: Practice Questions Lesson 1 PBQ: Explaining the Importance of Security Controls and Security Intelligence https://hack.technoherder.com/cybersecurity-control/ […]
Question 1 A system analyst decides to run a packet capture after reading about a security breach in an industry newsletter. The engineer uses tcpdump on a Linux workstation and requires that the output be written to a file. Evaluate the available command switches for the tcpdump command and determine which accomplishes the desired goal. Solution The […]
OBJECTIVES COVERED Given a scenario, analyze data as part of security monitoring activities. Email remains one of the primary vectors for intrusion and data exfiltration attacks. As an analyst, you should be able to validate that email systems are configured to be as secure as possible and be able to analyze email internet headers and […]
OBJECTIVES COVERED Given a scenario, analyze data as part of security monitoring activities. Given a scenario, implement configuration changes to existing controls to improve security. Network-based monitoring systems can be supplemented with host-based monitoring. While host-based detection methods can also rely on signature-based matching, behavioral analytics is increasingly important to cybersecurity. As an analyst, you […]
OBJECTIVES COVERED Given a scenario, analyze data as part of security monitoring activities. Given a scenario, implement configuration changes to existing controls to improve security. A large amount of security information derives from network security appliances, such as firewalls and intrusion detection systems. As an analyst, you should be able to extract and interpret the […]