SecurityTrails Blog
DMitry: Diving Into an Old-School Information Gathering Tool
How much information about a target can you possibly get? Is there an invisible barrier that delimits when enough information is gathered? What about cross-checking results and looking for differences? Data retrieval results may vary, depending on the location source you’re running for the analysis.
Top 30+ Best Blue Team Tools
We’re back to enriching your security toolkit, and this time we’re moving to the defensive side of security. Whether the best defense is a good offense, or the other way around, the truth is one can’t work without the other. That’s why the importance of having both red and blue teams in place and challenging each other, as well as maintaining an organization’s security posture, is crucial.
Attack Surface Analysis: APT “à la carte”
Your company has assets. Those assets are very interesting to somebody. And now, that “somebody” has decided to take them. Congratulations! You’ve just been served to an APT, for lunch.
Covert Channel Discovery: Understanding Network Extrusions
Based on a true series of events: “…I was ready to begin this long-awaited vacation at that awesome paradisical location I’ve been dreaming of for years. Oh no! The moment I stepped out of the room it hit me: I’d completely forgotten to send that incredibly urgent and important email before leaving home. This needs to be fixed right now! But how? Look at me, I’m at this oceanic hotel villa under a palm tree in the middle of nowhere. Internet pricing here is absurd, there’s no way I’ll pay for this… what can I do?”
Masscan: A Fast and Scalable IP Port Scanner
Researchers require tools to make their investigations not only more effective, but also less mundane. Some tools are designed to automate repetitive tasks and other tools are designed to do things that wouldn’t be practical to do manually.
Phishing Toolkit: Top 20 Best Phishing Tools
Phishing is the most common type of social engineering attack, as well as one of the most frequent attack methods on the Internet in general. It’s a simple concept: creating a fake website that impersonates a legitimate one that the target frequents, and sending them a security notice that urges them to ‘click on the following link’—which then leads them to a fake website, where they’ll be prompted to log in.
Top 5 Cybersecurity Certifications to Kick Start Your Career
Many students interested in entering the cybersecurity field turn to certifications to improve their knowledge and hands-on skills, make them more competitive in the job market and get their resumes noticed. But there are many certifications out there focused on different roles in the cybersecurity space, and it can be hard to decide which one to choose, and in which order…it’s confusing.
Asset Discovery: Stay Ahead of Your Digital Fingerprint
How many services do you run within your infrastructure? Are you perfectly aware of what every one of them is doing? What about old services or decommissioned ones? Is your team aware of your services’ digital footprint?
Top 30+ Most Popular Red Team Tools
Organizations are having a hard time detecting new tactics and techniques employed by cyber criminals looking to breach their defenses. The only sure way to thwart possible cyber threats is to discover any unknown weaknesses and vulnerabilities in the systems and existing defenses. And what better way to do this than to rely on expertise of red and blue teams, and even adopting a security methodology of a purple team.
New SurfaceBrowser™ Features: Company Activity & New Associations
Here at SecurityTrails we’re committed to doing our best, and it’s thanks to your constant support and feedback that we’re able to create amazing infosec-data based products to make your life easier than ever.