Tags¶
Following is a list of relevant tags:
Amazon Web Services¶
- AWS LEGO Organizing the Org
- Another Me SSO with IAM Identity Center, Part 2
- Assume the Role! (Centralized Logging, Part 1)
- Bring in the Fed(eration) SSO
- Buttoning up the Org
- Create Your First AWS IAM Role
- Create and Secure Your First Admin User
- Creating Security Team Permissions in IAM Identity Center
- Enable AWS Organizations
- Enable GuardDuty the Right Way
- Enabled Delegated Administrator for Identity Center and CloudTrail
- Enabling the Org Trail (Centralized Logging Part 3)
- Follow the Money!
- Give Your Account a Security Blanket with SCPs
- NotWhat?!? Lock Out Regions with a Double Negative SCP
- OUs, SCPs, and a Root User Account Recovery
- On the Meaning of Life(cycles), Versions, and Ransomware
- PBAC and ABAC Write an Intermediate AWS IAM Policy
- Secure that Bucket! (Centralized Logging Part 2), Resource Policies
- Skills Challenge IAM Identity Center
- The Best Way to Start with AWS Security Hub
- Timmy's First CloudFormation
- Turn on CloudTrail
- Use EventBridge for Security Hub Alerts
- Write a Simple IAM Policy
Cloud¶
Compute¶
Computer Networking¶
- Active Reconnaissance
- Hub & Spoke
- IP Addressing
- IP Routing
- Load Balancer
- Net Sec Challenge
- Nmap Advanced Port Scans
- Nmap Basic Port Scans
- Nmap Live Host Discovery
- Nmap Post Port Scans
- OSI Model
- Passive Reconnaissance
- Protocols and Servers
- Protocols and Servers 2
- Proxy Servers
- Subnetting
Computer Programming¶
- Applying Python
- Data Types
- Dictionaries & Sets
- Dry Don't Repeat Yourself
- Error Handling & Debugging
- File Management
- Functions
- If/Else Statements
- KISS (Keep It Simple, Stupid)
- Lists & Tuples
- Loops
- Modules, Libraries, & Packages
- Operators
- Overview
- Overview
- Python coding style
- Questions I Ask Myself
- Questions I Ask Myself
- Single Responsibility
- The Four-Step Problem-Solving Process
- Variables
- YAGNI (You Aren’t Gonna Need It)
Cybersecurity¶
- AWS LEGO Organizing the Org
- Active Reconnaissance
- Advanced SQL Injection
- Another Me SSO with IAM Identity Center, Part 2
- Assume the Role! (Centralized Logging, Part 1)
- Authentication Bypass
- Authentication vs Authorization
- Bring in the Fed(eration) SSO
- Burp Suite Intruder
- Burp Suite Other Modules
- Burp Suite Repeater
- Burp Suite The Basics
- Buttoning up the Org
- Claims. Tokens. Sessions
- Cloud Architecture & Security Design
- Command Injection
- Content Discovery
- Create Your First AWS IAM Role
- Create and Secure Your First Admin User
- Creating Security Team Permissions in IAM Identity Center
- Directory forests, domains, replication
- Enable AWS Organizations
- Enable GuardDuty the Right Way
- Enabled Delegated Administrator for Identity Center and CloudTrail
- Enabling the Org Trail (Centralized Logging Part 3)
- Enumeration & Brute Force
- Exploit Vulnerabilities
- Federation. Trust relationships
- File Inclusion
- Follow the Money!
- Give Your Account a Security Blanket with SCPs
- Group membership, role models, ACLs, discretionary vs role-based systems
- IR Flow Plan
- Identity vs Account vs Principal
- Insecure Direct Object Reference (IDOR)
- Intro to C2
- Intro to Cross-site Scripting
- Intro to SSRF
- Introduction to DevSecOps
- JWK and Key Rotation
- JWT Security
- Kerberos
- LDAP
- Learn Attackers Behaviors
- Linux Privilege Escalation
- Managing Security Operations in Microsoft Azure
- Metasploit Exploitation
- Metasploit Introduction
- Metasploit Meterpreter
- Microsoft Defender Suite
- Microsoft Sentinel
- Multi - Factor Authentication
- Net Sec Challenge
- Nmap Advanced Port Scans
- Nmap Basic Port Scans
- Nmap Live Host Discovery
- Nmap Post Port Scans
- NoSQL Injection
- NotWhat?!? Lock Out Regions with a Double Negative SCP
- OAuth 2.0
- OAuth Vulnerabilities
- ORM Injection
- OUs, SCPs, and a Root User Account Recovery
- On the Meaning of Life(cycles), Versions, and Ransomware
- OpenID Connect
- Overview
- PBAC and ABAC Write an Intermediate AWS IAM Policy
- Passive Reconnaissance
- Preventing IDOR Vulnerabilities
- Protocols and Servers
- Protocols and Servers 2
- Red Team Engagements
- Red Team Fundamentals
- Red Team OPSEC
- Red Team Threat Intel
- Risk Management
- SAML 2.0
- SCIM
- SOAR (Security Orchestration, Automation & Response)
- SQL Injection
- Search Skills
- Secure Software Development Lifecycle (S-SDLC)
- Secure that Bucket! (Centralized Logging Part 2), Resource Policies
- Securing Data and Applications in Microsoft Azure
- Security Engineer Intro
- Security Network Architecture
- Server-side Template Injection
- Session Management
- Skills Challenge IAM Identity Center
- Software Development Lifecycle (SDLC)
- Source Code Security
- Subdomain Enumeration
- The Best Way to Start with AWS Security Hub
- Threat Modeling
- Timmy's First CloudFormation
- Turn on CloudTrail
- Understand What Telemetry and Logs Are
- Use EventBridge for Security Hub Alerts
- Vulnerabilities 101
- What The Shell
- Windows Hardening
- Windows Privilege Escalation
- Wiz
- Write a Simple IAM Policy
- XXE Injection
Defensive Security¶
- IR Flow Plan
- Learn Attackers Behaviors
- Risk Management
- SOAR (Security Orchestration, Automation & Response)
- Security Engineer Intro
- Security Network Architecture
- Threat Modeling
- Understand What Telemetry and Logs Are
DevOps¶
- Git Config Notes
- Introduction to DevSecOps
- Overview
- Overview
- Secure Software Development Lifecycle (S-SDLC)
- Software Development Lifecycle (SDLC)
- Source Code Security
- Writing DRY Code with Modules and `for_each`
Fundamentals¶
Identity & Access Management¶
- Authentication vs Authorization
- Claims. Tokens. Sessions
- Configuring Identity and Access in Microsoft Azure
- Directory forests, domains, replication
- Enumeration & Brute Force
- Federation. Trust relationships
- Group membership, role models, ACLs, discretionary vs role-based systems
- Identity vs Account vs Principal
- JWK and Key Rotation
- JWT Security
- Kerberos
- LDAP
- Multi - Factor Authentication
- OAuth 2.0
- OAuth Vulnerabilities
- OpenID Connect
- Overview
- Overview
- SAML 2.0
- SCIM
- Session Management
Infrastructure as Code¶
Linux¶
Microsoft Azure¶
- App Services
- Application Gateway
- Cloud Architecture & Security Design
- Compute
- Configuring Identity and Access in Microsoft Azure
- Container Instances
- Content Delivery Network (CDN)
- Enabling Platform Protection in Microsoft Azure
- Express Route
- Firewalls
- Functions
- Hub & Spoke
- Kubernetes Service
- Managing Security Operations in Microsoft Azure
- Microsoft Defender Suite
- Microsoft Sentinel
- Overview
- Preventing IDOR Vulnerabilities
- Scale Sets
- Securing Data and Applications in Microsoft Azure
- VPN Gateway
- Virtual Desktop
- Virtual Machines
- Virtual Network
Offensive Security¶
- Active Reconnaissance
- Advanced SQL Injection
- Authentication Bypass
- Burp Suite Intruder
- Burp Suite Other Modules
- Burp Suite Repeater
- Burp Suite The Basics
- Command Injection
- Content Discovery
- Enumeration & Brute Force
- Exploit Vulnerabilities
- File Inclusion
- Insecure Direct Object Reference (IDOR)
- Intro to Cross-site Scripting
- Intro to SSRF
- JWT Security
- Linux Privilege Escalation
- Metasploit Exploitation
- Metasploit Introduction
- Metasploit Meterpreter
- Multi - Factor Authentication
- Net Sec Challenge
- Nmap Advanced Port Scans
- Nmap Basic Port Scans
- Nmap Live Host Discovery
- Nmap Post Port Scans
- NoSQL Injection
- OAuth Vulnerabilities
- ORM Injection
- Passive Reconnaissance
- Protocols and Servers
- Protocols and Servers 2
- Red Team Engagements
- Red Team Fundamentals
- Red Team OPSEC
- Red Team Threat Intel
- SQL Injection
- Server-side Template Injection
- Session Management
- Subdomain Enumeration
- Vulnerabilities 101
- What The Shell
- Windows Privilege Escalation
- XXE Injection
Python¶
- Applying Python
- Data Types
- Dictionaries & Sets
- Error Handling & Debugging
- File Management
- Functions
- If/Else Statements
- Lists & Tuples
- Loops
- Modules, Libraries, & Packages
- Operators
- Overview
- Python coding style
- Questions I Ask Myself
- The Four-Step Problem-Solving Process
- Variables