GitHub topics: infosecsimplified
qeeqbox/cyber-kill-chain
Cyber Kill Chain is a model that Lockheed Martin created for understanding (Describe the sequence of events) and stopping cyberattacks
Size: 117 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 10 - Forks: 4
qeeqbox/cybersecurity
Cybersecurity is the measures taken to protect networks, devices, and data against cyberattacks
Size: 224 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 4 - Forks: 0
qeeqbox/two-factor-authentication-sim-swapping
An adversary may utilize a sim swapping attack for defeating 2fa authentication
Size: 673 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 14 - Forks: 3
qeeqbox/two-factor-authentication-sim-cloning
An adversary may utilize a sim swapping attack for defeating 2fa authentication
Size: 232 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 14 - Forks: 3
qeeqbox/two-factor-authentication-brute-force
A threat actor may lunch brute force to the two-factor authentication (2FA) logic causing unauthorized access to the target
Size: 112 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 3 - Forks: 1
qeeqbox/threat-intelligence
Threat intelligence or Cyber Threat Intelligence is the process of identifying and analyzing gathered information about past, current, and future cyber threats (Collecting information about a potential threat, then analyzing that information to learn more about the negative events)
Size: 183 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 9 - Forks: 0
qeeqbox/incident-response
Incident response is a set of steps that are used to handle the aftermath of a data breach or cyberattack
Size: 224 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 5 - Forks: 2
qeeqbox/data-compliance
Data compliance is the process of following various regulations and standards to ensure that sensitive digital assets (data) are guarded against loss, theft, and misuse
Size: 74.2 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 3 - Forks: 0
qeeqbox/authentication-bypass
A threat actor may gain access to data and functionalities by bypassing the target authentication mechanism
Size: 75.2 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0
qeeqbox/client-side-template-injection
A threat actor may trick a victim into executing native template syntax on a vulnerable target
Size: 129 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 3 - Forks: 1
qeeqbox/vertical-privilege-escalation
A threat actor may perform unauthorized functions belonging to another user with a higher privileges level
Size: 146 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 3 - Forks: 1
qeeqbox/horizontal-privilege-escalation
A threat actor may perform unauthorized functions belonging to another user with a similar privileges level
Size: 143 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 1
qeeqbox/dom-based-cross-site-scripting
A threat actor may inject malicious content into HTTP requests. The content is not reflected in the HTTP response and executed in the victim's browser.
Size: 220 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 3 - Forks: 1
qeeqbox/xxe-injection
A threat actor may interfere with an application's processing of extensible markup language (XML) data to view the content of a target's files
Size: 97.7 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0
qeeqbox/insecure-deserialization
A threat actor may tamper with a stream that gets deserialized on the target, causing the target to access data or perform non-intended actions
Size: 76.2 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/remote-file-inclusion
A threat actor may cause a vulnerable target to include/retrieve remote file
Size: 262 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/local-file-inclusion
A threat actor may cause a vulnerable target to include/retrieve local file
Size: 110 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/cross-site-request-forgery
A threat actor may trick an authenticated or trusted victim into executing unauthorized actions on their behalf
Size: 237 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/identity-and-access-management
The practice of ensuring that people or objects have the right level of access to assets
Size: 38.1 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/threat-actors
A threat actor is any person, group, or entity that could harm to the cyber realm
Size: 39.1 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0
qeeqbox/session-hijacking
A threat actor may access the user's account using a stolen or leaked valid (existing) session identifier
Size: 184 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0
qeeqbox/session-fixation
A threat actor may trick a user into using a known session identifier to log in. after logging in, the session identifier is used to gain access to the user's account
Size: 244 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0
qeeqbox/stored-cross-site-scripting
An adversary may inject malicious content into a vulnerable target
Size: 125 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 4 - Forks: 1
qeeqbox/default-credential
A threat actor may gain unauthorized access using the default username and password
Size: 263 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0
qeeqbox/password-spraying
A threat actor may guess the target credentials using a single password with a large set of usernames against the target
Size: 201 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/credential-stuffing
A threat actor may guess the target credentials using a known username and password pairs gathered from previous brute-force attacks
Size: 375 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0
qeeqbox/directory-listing
A threat actor may list files on a misconfigured server
Size: 156 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 3 - Forks: 0
qeeqbox/reflected-cross-site-scripting
A threat actor may inject malicious content into HTTP requests. The content will be reflected in the HTTP response and executed in the victim's browser
Size: 305 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 3 - Forks: 1
qeeqbox/captcha-bypass
A threat actor may bypass the Completely Automated Public Turing test to tell Computers and Humans Apart (captcha) by breaking the solving logic, human-assisted solving services, or utilizing automated technology
Size: 210 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0
qeeqbox/xpath-injection
A threat actor may alter the XML path language (XPath) query to read data on the target
Size: 179 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/session-replay
A threat actor may re-use a stolen or leaked session identifier to access the user's account
Size: 257 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/os-command-injection
A threat actor may inject arbitrary operating system (OS) commands on target
Size: 108 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/sql-injection
A threat actor may alter structured query language (SQL) query to read, modify and write to the database or execute administrative commands for further chained attacks
Size: 131 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/xslt-injection
A threat actor may interfere with an application's processing of extensible stylesheet language transformations (XSLT) for extensible markup language (XML) to read or modify data on the target
Size: 103 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0
qeeqbox/access-control
Access Control is using security techniques to protect a system against unauthorized access
Size: 99.6 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/data-security
Safeguarding your personal information (How your info is protected)
Size: 67.4 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/security-controls
Countermeasures or safeguards for detecting, preventing, and mitigating cyber threats and attacks (Protect assets)
Size: 37.1 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/data-classification
Data classification defines and categorizes data according to its type, sensitivity, and value
Size: 91.8 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/authorization-bypass
A threat actor may access the user's account using a stolen or leaked valid (existing) session identifier
Size: 132 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0
qeeqbox/server-side-template-injection
A threat actor may alter the template syntax on the vulnerable target to execute commands
Size: 78.1 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/open-redirect
A threat actor may send a malicious redirection request for a vulnerable target to a victim; the victim gets redirected to a malicious website that downloads an executable file
Size: 119 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 3 - Forks: 0
qeeqbox/digital-forensics
Digital Forensics is the process of finding and analyzing electronic data
Size: 172 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 4 - Forks: 1
qeeqbox/data-states
Data states refer to structured and unstructured data divided into three categories (At Rest, In Use, and In Transit)
Size: 48.8 KB - Last synced at: about 2 months ago - Pushed at: almost 2 years ago - Stars: 1 - Forks: 0
qeeqbox/data-lifecycle-management
Data Lifecycle Management (DLM) is a policy-based model for managing data in an organization
Size: 63.5 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0
qeeqbox/risk-management
Risk management is the process of identifying, assessing, treating, and monitoring any negative events that affect a company's ability to operate (Preventing them or minimizing their harmful impact)
Size: 175 KB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 3 - Forks: 1