Summary

In this episode of the Phillip Wylie Show, Mishaal Khan shares his journey from a curious child assembling computers to becoming an expert in OSINT and pen testing. He discusses the importance of OSINT in various fields, the transition to consulting and virtual CISO roles, and offers valuable advice for aspiring CISOs. Mishaal also highlights the impact of AI on cybersecurity and emphasizes the importance of passion over monetary gain in one's career.

Takeaways

Mishaal's journey began with a curiosity about computers and programming.
OSINT can be applied in various fields beyond cybersecurity.
Practical experience is crucial for learning OSINT techniques.
Social engineering is a key component of successful pen testing.
Free tools can be just as effective as paid ones in OSINT.
Transitioning to a consulting role requires a blend of technical and managerial skills.
Understanding risk is essential for aspiring CISOs.
Training should focus on practical applications and real-world scenarios.
AI can enhance productivity but is not a replacement for human skills.
Pursuing passion in your career leads to greater satisfaction and success.

Sound Bites

"Do OSINT on yourself first."
"I can do it in an hour if you allow me."
"AI is not going to take over the world."

Chapters

00:00 Introduction to Mishaal Khan
04:43 Mishaal's Hacker Origin Story
06:34 Getting Started in OSINT
11:33 The Role of OSINT in Pen Testing
18:49 Transitioning to Consulting and Virtual CISO
26:43 Advice for Aspiring CISOs
33:00 Training and Educational Initiatives
36:02 The Impact of AI on Cybersecurity
40:32 Final Thoughts and Advice

Resources

https://www.mishaalkhan.com
https://www.linkedin.com/in/mish-aal/
https://x.com/mish3alkhan

The #curl 8.12.0 presentation
OpenSupplyHub
Search worldwide supply chain data by facility name, country, company, product type and other filters.
NonProfit Explorer
USA 🇺🇸
1.9M Active Nonprofits
18M Tax Filings
Search by people/organization name or filing text.
projects.propublica.org/nonprofits/
Creator twitter.com/propublica
MEIOC by twitter.com/AndreaDraghetti
#Python automation tool to extract information from EML files:
Headers
Detailed server relay hops (IP addresses involved)
Extracted URLs/domains
Attachments with calculated hashes.
SPF (Sender Policy Framework)
DKIM (DomainKeys Identified Mail)
PugRecon
Search across 1.6 billion subdomains scraped from multiple public (and private) sources.
https://dash.pugrecon.celes.in/
Creator twitter.com/c3l3si4n 👏
According to CyberNews research (blog.gitguardian.com/exposed-git-folders-exposed/), 2% of all web servers have an exposed .git directory that may contain sensitive data.
twitter.com/0x0SojalSec advises also checking directories for other version control systems (Subversion, Mercurial, Darcs, etc.).