SecurityTrails Blog
June Product Updates: New Provider Dossier, ASR Free, and Unified Product Experience
A few weeks have passed since our last product update, and for the month of June we’re excited to announce several new items for Attack Surface Reduction™ v2, SurfaceBrowser™ and our free public application.Provider DossierSurfaceBrowser™ now includes a new pr...
Being Okay With Not Being Okay: Getting Candid with Ben Sadeghipour — NahamSec
Cyber resilience is vital for organizations of all sizes across all industries; it is no wonder the cybersecurity industry is evolving at such a rapid pace. Ethical hackers, security researchers, and professionals play one of the most valuable roles in safeguarding organizations from malicious actors. While organizations embrace new technologies and recruit more security professionals to aid, one aspect often remains overlooked.
Meet SQL Explorer: One of the Best Alternatives to Shodan
In this modern age of IP reconnaissance and security research combined with the ever-growing list of software services accessible via the public internet, it’s critical to stay ahead of the curve.
Business Email Compromise (BEC) Attacks: The Most Dangerous Form of Email Scam
Business email compromise attacks will have you doubting any email you receive, whether it’s from your co-worker or even the CEO of your company.
Kerberoasting Attacks Explained: Definition, How They Work and Mitigation Techniques
In 2014, researcher Tim Medin, a senior SANS instructor and content developer, took the Infosec milieu by surprise when he disclosed Kerberoast.
The 10 Most Popular Bug Bounty Courses and Training Programs for Beginners
While hackers were once thought of as hooded figures sitting in dark rooms, inhabiting mysterious and secluded parts of the internet, the times are thankfully changing. The popularity of white hats and ethical hacking is soaring, and becoming a lucrative career option for many.
Top 40 Shodan Dorks for Finding Sensitive IoT Data
With its ever-growing database and ease of use, Shodan has become one of the most popular tools used by security researchers for gathering IoT intelligence.
Reactive vs. Proactive Security: Which Is Better?
As networks and technology rapidly evolve, many organizations face the challenges of expanding their attack surface. A truly successful approach to dealing with these challenges involves multiple layers of protection that encompass networks, devices, data and people. And to add more fuel to issues brought on by technology and security sprawl growth, malicious actors are constantly working on new techniques, tools and methods to execute attacks on organizations’ data.
5 minutes to Build a Basic Monitoring and Alerting System for New Subdomains
I spent a very long time automating my recon for bug bounties. I collaborated with a couple of friends for about 12 months to build out an automation beast. We had a custom framework, and constant recon scanning with good distribution (at times we scaled up to 100+ servers). We stored data on millions of targets and had Slack notifications for vulnerability detection. It was the third iteration of our automation and we thought it was great. I mean, it was pretty great, and it definitely helped us earn some cash on a few popular bounty programs.
Shadow IT and Its Security Risks - Managing the Unseen
Cloud computing is beneficial. Many organizations already know this and are reaping the benefits cloud adoption has brought them: reduced IT costs, scalability, collaboration efficiency and, above all else, flexibility in accessing storage and software to meet their needs. Users can now more easily engage services and solutions that will make their everyday jobs easier.