Setting up a flat-file CMS...quick poll, which one?

Top 30+ Best Blue Team Tools

A collection of best blue team tools to enrich your security toolkit. Discover different honeypots, incident response, threat hunting and other defensive tools.

securitytrails.com/blog/blue-t

Being attacked by sources using Tor? Maintain your ACLs using this.

Tor Project’s Exit List Service

blog.torproject.org/changes-to

It's finally here, teasing is over:

I'm excited to launch #keyoxide today!

yarmo.eu/post/keyoxide

#FOSS solution for easy encryption, signature verification and decentralized identity proofs!

I've been in favor of #DeleteKeybase but I never had something to offer as an alternative. Now I do :)

~Open Source Security Tool of the Day~

Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit them. It uses tools like blackwidow and konan for webdir enumeration and attack surface mapping rapidly using ASM.

github.com/s1l3nt78/sifter/

Cloudskew — Draw cloud architecture diagrams

Free AWS, Azure, GCP, Kubernetes Architecture Diagram Tool

cloudskew.com/

Apropos of nothing in particular, today I learned how to block people on Mastodon. Remember kids, free speech rights don't mean anyone has to read your BS.

Microsoft quietly created a Windows 10 File Recovery tool, how to use

Microsoft has created a Windows 10 File Recovery Tool that recovers deleted files and forgot to tell anyone.

bleepingcomputer.com/news/micr

I definitely trust my DNS provider - NextDNS - more than my ISP. This is because I willfully chose them after doing research and I also pay for the service to support them and keep them providing me with the tools to filter out crap and transparently show me what is happening on my networks.

Encrypted DNS Query Transports and Their Trust Models – Asinine Tech

asininetech.com/2020/06/26/enc

I will soon be studying for, and taking, the Certified Cloud Security Professional certification. Anybody have any good recommendations they could pass along?

isc2.org/Certifications/CCSP

RT @RiotChat@twitter.com

The world is changing... heads up that Riot (and @NewVectorHQ@twitter.com and @ModularIM@twitter.com) will soon be getting a new name!! 💥🙀💨 blog.riot.im/the-world-is-chan

🐦🔗: twitter.com/RiotChat/status/12

~Open Source Security Tool of the Day~

TigerVNC is a high-performance, platform-neutral implementation of VNC (Virtual Network Computing), a client/server application that allows users to launch and interact with graphical applications on remote machines. TigerVNC also provides extensions for advanced authentication methods and TLS encryption.

tigervnc.org/

"It is unlikely that many people need to make such a printer accessible to everyone – these devices should be firewalled and/or have an authentication mechanism enabled."

Ya think??!! 🙄

Open IPP Report – Exposed Printer Devices on the Internet | The Shadowserver Foundation

shadowserver.org/news/open-ipp

Customer: "Can I have a "back to top" button on my web page?"
Me: "Sure, why not?" tholman.com/elevator.js/

(do allow audio for that page)

Dungeon Scrawl

OLD SCHOOL MAPS IN MINUTES

Dungeon Scrawl is a mapping tool developed by Keir, aka @ProbableTrain. It aims to be an easy-to-grasp tool with a high skill ceiling, empowering artists by automatically taking care of the most time-consuming stuff

dungeonscrawl.com/

In bid to please users (READ: not get fined by the EU) Apple will now allow you to do what Android has been able to do since almost the beginning of the OS.

9to5mac.com/2020/06/22/ios-14-

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.