Zero Trust

In this post, we’re gonna talk about Zero Trust Networks and Architectures. Zero Trust, like DevOps, isn’t a set of tools that you buy and suddenly you have Zero Trust, but rather it’s also about culture, policies, and more broadly, organization of resources. The whole premise of Zero Trust is to move away from the […]


We’re all mostly familiar with DevOps, which a culture or methodology a company takes that enables quick deployment time. The main principles of DevOps in this case heavily relies on automation of several tasks, from build the program, running test cases, creating of environments, and deploying it to staging or production. The first two tasks […]

Is SUNBURST DNS Tunneling?

With all the news surrounding the breach of SolarWinds update server, and subsequently a majority of clients downloading and installing a backdoor, there has been a lot of analysis of the malware, and the supposed DGA that is being generated. I’m here to question if the behavior fits more of a DNS tunneling event, instead […]

DNS: Hunting Perspective

In a separate post, we talked about the possible different attack vectors of DNS. That post is not entire complete, and there are many more creative ways to use DNS as an attack vector. In this post however, we’re going to be looking at the more technical aspects of DNS, such as the protocols, byte […]

Server Side Request Forgery

Server Side Request Forgery, or SSRF, is an attack where the attacker is able to make a request to an internal resource by pivoting through the server. By leveraging on the server to make a request to the internal resource, the request become seen as legitimate, because internal systems usually trust each other. SSRF through […]

XSS – Revisited

I’ve been doing this lessons by Pentesterlabs, and i’ve learnt a few new things there, which is always great! To be honestly, i’ve never had any proper training or course in terms of offensive cyber security, especially the web. My experiences have mostly been centered around the Linux kernel, which is pretty niche and narrow. In […]


In the previous post, we talked about some of the attack vectors on the DNS. In this post, we’re going to be talking about DNSSEC, which is an attempt to make the DNS more secure. A point to note, DNSSEC does not provide Confidentiality, but only Integrity. Integrity in this case is ensuring that the […]

DNS Attack Vectors

Before looking at DNS Attack Vectors, let’s do a quick recap of what a DNS is, and what are it’s functions. What is a DNS? DNS, or Domain Name System, is a server that provides Name to IP Address resolution. When people visit websites, it’s much easier for them to remember words, such as Facebook […]

Domain Fronting and SNI

Domain fronting is a malicious act of appearing to request to visit a legitimate site (the front), while in actual fact, the request is going to another website. Domain fronting relies on the SSL technology to work, where the service provider is unable to see the actual malicious hostname the request is going to, but […]

The Cyber Kill Chain

The Cyber Kill Chain (CKC) is a sequential set of steps that takes place when an attack happens. There are many variations of the CKC by different companies such as , but the “trusted” and most convincing variant is by Lockheed Martin. This CKC is pretty straightforward, and by disrupting any part of the kill […]