Author: admin

  • Massachusetts’: ATT&CK Penetration Testing

    Massachusetts, renowned for its technological prowess, has established itself as a global leader in cybersecurity, and this is my post on ATT&CK penetration testing. At the forefront of this reputation is the MITRE ATT&CK framework, a dynamic tool deeply rooted in the state’s commitment to advancing cybersecurity practices. This article explores the extensive use of…

  • att&ck Framework

    The MITRE ATT&CK framework, a groundbreaking initiative introduced in 2015, has emerged as a linchpin in the field of cybersecurity. Computer Weekly hails it as “the free, globally accessible service that offers comprehensive and current cyber security threat information” to organizations, underscoring its pivotal role in navigating the intricate landscape of digital security. Simultaneously, TechTarget…

  • New England Cybersecurity – Power Plants

    New England cybersecurity, including states such as Massachusetts, New York, & Connecticut, Vermont, & New Hampshire, stands at the forefront of technological innovation in the United States. With a diverse energy portfolio, power plants and hydro stations in the region play a crucial role in maintaining a stable and secure energy supply. However, the integration…

  • ICS-SCADA in Massachusetts Cybersecurity: A Comprehensive Odyssey

    In the technologically advanced landscape of Massachusetts, where innovation converges with critical infrastructure, the deployment of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) technologies paints a nuanced picture of Massachusetts Cybersecurity. This extended exploration delves into the multifaceted realm of ICS-SCADA systems in the state, analyzing potential vulnerabilities, understanding nation-state threats,…

  • Wireshark Internal Network Pentest

    In the intricate landscape of cybersecurity, the significance of using wireshark is paramount, and this is my post on wireshark internal network pentest. Also read my post on tcp/ip in pentesting, – here – and my post on the best internal network pentest tools – here. These simulated cyberattacks serve as a proactive strategy, enabling…

  • DNS -Attack Vector into a Internal Network

    The Domain Name System (DNS), a fundamental component of the internet, facilitates the translation of human-readable domain names into IP addresses – and can also be an attack vector into an internal network. While DNS plays a crucial role in network functionality, it can be exploited as a potent attack vector to compromise the security…

  • Internal Network Security vs. External Network Vulnerabilities

    Introduction In the ever-evolving landscape of cybersecurity, understanding the intricacies of an organization’s internal network and external networks is paramount. From an attacker’s perspective, gaining unauthorized access to an internal network provides a treasure trove of sensitive information and potential entry points for further exploitation. In this article, we will delve into the nuances of…

  • Nmap, Python & Go Network Pentesting

    In the realm of cybersecurity, the quest for securing internal networks has led to the integration of powerful tools and programming languages. Nmap, a stalwart in network reconnaissance, takes center stage in this exploration. We will delve into the intricacies of utilizing Nmap in conjunction with Python and Go for internal network pentesting. As organizations…