FYI - This repo is a collection of my contents

I have been writing contents occasionally throughout my career at various places. I decided to collect, organize and share everything here. Hence created this repo. A few of the content might not be relevant now as they are of 2012 and 2013, but I decided to add them here. Knowing them might populate new ideas to anyone's brain, so good to add it here as FYI.

List of contents:

• Defensive Security:
  

  • SOC monitoring mindmap
  • Building a threat intelligence division for your organization - 1
  • Building a threat intelligence division for your organization - 2
  • Building a threat intelligence division for your organization - 3
  • Building a threat intelligence division for your organization - 4
  • Fool the network hunters
  • Application security maturity assessment in blue team
  • Building a vulnerability management program for your organization
  • Vulnerability Management end-to-end workflow diagram
  • Vulnerability Management Program Key Factors
  • Shadow IT + Threat Intel - Architecture Overview for Blue team
  • iOS device security for SOC team
  • Practical Browser Forensics Checklist
  • DevSecOps risk assessment framework
  • DevSecOps 201 checklist
  • Incident management maturity assessment
  • Vulnerability management tips
  • Threat hunting methodology
  • AV EDR solution selection criteria
  • Threat intel feed sources mindmap

• Offensive Security:
  

  • A complete web application pentest checklist
  • Network VAPT checklist
  • Dirty C0w Vulnerability Demo (CVE-2016-5195) - A privilege escalation vulnerability in the Linux Kernel
  • Windows Command Injection Vulnerability for a Command Shell
  • Powered e-Commerce Application Pentesting
  • SSH Pentest checklist

• Mobile Security (Android/iOS/hardware OS):
  

  • iOS Application Security - xCON Switch - Enable/Disable Detection without removing xCON Application from Cydia
  • Android OS phone security hardening guide
  • Android Application Security - Using hmacSHA256 Encryption For Tamper Proof Request & Response
  • Xiaomi’s Analytics Application Security & Privacy Concern
  • Android Application Hardening Checklist For Developers
  • Android Kiosk Browser Lock down Security Testing Checklist
  • Android Application Backup Vulnerabiility Testing
  • Android Anti Java Hooking - Adding Layer to your SSL pinning and Root detection
  • Blocking Adwares on Android - Protect against malwares and privacy
  • Messeging Apps Privacy Factors to Consider

• Risk Management/GRC/Compliance:
  

  • Failed Risk Management
  • Data Center Security/Safety Review & Audit Checklist
  • Corporate email auditing guidelines
  • Network architecture review checklist
  • Auditing remote access process and procedures
  • Security awareness program guide

• General Cybersecurity:
  

  • 21 myths in the cybersecurity world
  • Cyber tranTransparency
  • Securing remote workspace during COVID-19
  • Security management challenges over the years

• Cryptocurrency:
  

  • Less perks and more pitfalls of cryptocurrency

Warning/Disclaimer: Read the detailed disclaimer at my blog - https://github.com/iamthefrogy/Disclaimer-Warning/blob/main/README.md