qeeqbox
There are 44 repositories under qeeqbox topic.
qeeqbox/two-factor-authentication-sim-cloning
An adversary may utilize a sim swapping attack for defeating 2fa authentication
qeeqbox/two-factor-authentication-sim-swapping
An adversary may utilize a sim swapping attack for defeating 2fa authentication
qeeqbox/threat-intelligence
Threat intelligence or Cyber Threat Intelligence is the process of identifying and analyzing gathered information about past, current, and future cyber threats (Collecting information about a potential threat, then analyzing that information to learn more about the negative events)
qeeqbox/cyber-kill-chain
Cyber Kill Chain is a model that Lockheed Martin created for understanding (Describe the sequence of events) and stopping cyberattacks
qeeqbox/incident-response
Incident response is a set of steps that are used to handle the aftermath of a data breach or cyberattack
qeeqbox/digital-forensics
Digital Forensics is the process of finding and analyzing electronic data
qeeqbox/stored-cross-site-scripting
An adversary may inject malicious content into a vulnerable target
qeeqbox/client-side-template-injection
A threat actor may trick a victim into executing native template syntax on a vulnerable target
qeeqbox/cybersecurity
Cybersecurity is the measures taken to protect networks, devices, and data against cyberattacks
qeeqbox/data-compliance
Data compliance is the process of following various regulations and standards to ensure that sensitive digital assets (data) are guarded against loss, theft, and misuse
qeeqbox/directory-listing
A threat actor may list files on a misconfigured server
qeeqbox/dom-based-cross-site-scripting
A threat actor may inject malicious content into HTTP requests. The content is not reflected in the HTTP response and executed in the victim's browser.
qeeqbox/open-redirect
A threat actor may send a malicious redirection request for a vulnerable target to a victim; the victim gets redirected to a malicious website that downloads an executable file
qeeqbox/reflected-cross-site-scripting
A threat actor may inject malicious content into HTTP requests. The content will be reflected in the HTTP response and executed in the victim's browser
qeeqbox/vertical-privilege-escalation
A threat actor may perform unauthorized functions belonging to another user with a higher privileges level
qeeqbox/authentication-bypass
A threat actor may gain access to data and functionalities by bypassing the target authentication mechanism
qeeqbox/authorization-bypass
A threat actor may access the user's account using a stolen or leaked valid (existing) session identifier
qeeqbox/captcha-bypass
A threat actor may bypass the Completely Automated Public Turing test to tell Computers and Humans Apart (captcha) by breaking the solving logic, human-assisted solving services, or utilizing automated technology
qeeqbox/credential-stuffing
A threat actor may guess the target credentials using a known username and password pairs gathered from previous brute-force attacks
qeeqbox/default-credential
A threat actor may gain unauthorized access using the default username and password
qeeqbox/horizontal-privilege-escalation
A threat actor may perform unauthorized functions belonging to another user with a similar privileges level
qeeqbox/icterid-template
Icterid Webapp Template
qeeqbox/session-fixation
A threat actor may trick a user into using a known session identifier to log in. after logging in, the session identifier is used to gain access to the user's account
qeeqbox/session-hijacking
A threat actor may access the user's account using a stolen or leaked valid (existing) session identifier
qeeqbox/threat-actors
A threat actor is any person, group, or entity that could harm to the cyber realm
qeeqbox/two-factor-authentication-brute-force
A threat actor may lunch brute force to the two-factor authentication (2FA) logic causing unauthorized access to the target
qeeqbox/xslt-injection
A threat actor may interfere with an application's processing of extensible stylesheet language transformations (XSLT) for extensible markup language (XML) to read or modify data on the target
qeeqbox/xxe-injection
A threat actor may interfere with an application's processing of extensible markup language (XML) data to view the content of a target's files
qeeqbox/data-classification
Data classification defines and categorizes data according to its type, sensitivity, and value
qeeqbox/data-security
Safeguarding your personal information (How your info is protected)
qeeqbox/identity-and-access-management
The practice of ensuring that people or objects have the right level of access to assets
qeeqbox/insecure-deserialization
A threat actor may tamper with a stream that gets deserialized on the target, causing the target to access data or perform non-intended actions
qeeqbox/local-file-inclusion
A threat actor may cause a vulnerable target to include/retrieve local file
qeeqbox/os-command-injection
A threat actor may inject arbitrary operating system (OS) commands on target
qeeqbox/remote-file-inclusion
A threat actor may cause a vulnerable target to include/retrieve remote file
qeeqbox/security-controls
Countermeasures or safeguards for detecting, preventing, and mitigating cyber threats and attacks (Protect assets)