QeeqBox's repositories
social-analyzer
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
two-factor-authentication-sim-swapping
An adversary may utilize a sim swapping attack for defeating 2fa authentication
two-factor-authentication-sim-cloning
An adversary may utilize a sim swapping attack for defeating 2fa authentication
threat-intelligence
Threat intelligence or Cyber Threat Intelligence is the process of identifying and analyzing gathered information about past, current, and future cyber threats (Collecting information about a potential threat, then analyzing that information to learn more about the negative events)
cyber-kill-chain
Cyber Kill Chain is a model that Lockheed Martin created for understanding (Describe the sequence of events) and stopping cyberattacks
digital-forensics
Digital Forensics is the process of finding and analyzing electronic data
incident-response
Incident response is a set of steps that are used to handle the aftermath of a data breach or cyberattack
stored-cross-site-scripting
An adversary may inject malicious content into a vulnerable target
client-side-template-injection
A threat actor may trick a victim into executing native template syntax on a vulnerable target
cybersecurity
Cybersecurity is the measures taken to protect networks, devices, and data against cyberattacks
directory-listing
A threat actor may list files on a misconfigured server
reflected-cross-site-scripting
A threat actor may inject malicious content into HTTP requests. The content will be reflected in the HTTP response and executed in the victim's browser
risk-management
Risk management is the process of identifying, assessing, treating, and monitoring any negative events that affect a company's ability to operate (Preventing them or minimizing their harmful impact)
vertical-privilege-escalation
A threat actor may perform unauthorized functions belonging to another user with a higher privileges level
authentication-bypass
A threat actor may gain access to data and functionalities by bypassing the target authentication mechanism
authorization-bypass
A threat actor may access the user's account using a stolen or leaked valid (existing) session identifier
captcha-bypass
A threat actor may bypass the Completely Automated Public Turing test to tell Computers and Humans Apart (captcha) by breaking the solving logic, human-assisted solving services, or utilizing automated technology
credential-stuffing
A threat actor may guess the target credentials using a known username and password pairs gathered from previous brute-force attacks
data-compliance
Data compliance is the process of following various regulations and standards to ensure that sensitive digital assets (data) are guarded against loss, theft, and misuse
default-credential
A threat actor may gain unauthorized access using the default username and password
horizontal-privilege-escalation
A threat actor may perform unauthorized functions belonging to another user with a similar privileges level
two-factor-authentication-brute-force
A threat actor may lunch brute force to the two-factor authentication (2FA) logic causing unauthorized access to the target
access-control
Access Control is using security techniques to protect a system against unauthorized access
data-classification
Data classification defines and categorizes data according to its type, sensitivity, and value
data-lifecycle-management
Data Lifecycle Management (DLM) is a policy-based model for managing data in an organization
data-security
Safeguarding your personal information (How your info is protected)
password-spraying
A threat actor may guess the target credentials using a single password with a large set of usernames against the target
xpath-injection
A threat actor may alter the XML path language (XPath) query to read data on the target