Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Projects in Awesome Lists tagged with infosecsimplified
A curated list of projects in awesome lists tagged with infosecsimplified .
https://github.com/qeeqbox/two-factor-authentication-sim-swapping
An adversary may utilize a sim swapping attack for defeating 2fa authentication
2fa example infosecsimplified metadata qeeqbox sim swapping visualization vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/two-factor-authentication-sim-cloning
An adversary may utilize a sim swapping attack for defeating 2fa authentication
2factor authintacation bypass infosecsimplified qeeqbox vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/threat-intelligence
Threat intelligence or Cyber Threat Intelligence is the process of identifying and analyzing gathered information about past, current, and future cyber threats (Collecting information about a potential threat, then analyzing that information to learn more about the negative events)
cycle infosecsimplified qeeqbox threat-intelligence
Last synced: 15 Nov 2024
https://github.com/qeeqbox/cyber-kill-chain
Cyber Kill Chain is a model that Lockheed Martin created for understanding (Describe the sequence of events) and stopping cyberattacks
chain cyberattack infosecsimplified kill lifecycle qeeqbox
Last synced: 15 Nov 2024
https://github.com/qeeqbox/incident-response
Incident response is a set of steps that are used to handle the aftermath of a data breach or cyberattack
cycle incident-response infosecsimplified qeeqbox
Last synced: 15 Nov 2024
https://github.com/qeeqbox/stored-cross-site-scripting
An adversary may inject malicious content into a vulnerable target
cross example infosecsimplified metadata qeeqbox scripting site stored visulization vulnerability xss-vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/digital-forensics
Digital Forensics is the process of finding and analyzing electronic data
cycle digital-forensics infosecsimplified qeeqbox visualization
Last synced: 15 Nov 2024
https://github.com/qeeqbox/open-redirect
A threat actor may send a malicious redirection request for a vulnerable target to a victim; the victim gets redirected to a malicious website that downloads an executable file
infosecsimplified open qeeqbox redirect vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/reflected-cross-site-scripting
A threat actor may inject malicious content into HTTP requests. The content will be reflected in the HTTP response and executed in the victim's browser
cross infosecsimplified metadata qeeqbox reflected scripting site visualization vulnerability xss
Last synced: 15 Nov 2024
https://github.com/qeeqbox/vertical-privilege-escalation
A threat actor may perform unauthorized functions belonging to another user with a higher privileges level
escalation example infosecsimplified metadata privilege qeeqbox vertical visualization vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/risk-management
Risk management is the process of identifying, assessing, treating, and monitoring any negative events that affect a company's ability to operate (Preventing them or minimizing their harmful impact)
cycle infosecsimplified risk-management visualization
Last synced: 15 Nov 2024
https://github.com/qeeqbox/dom-based-cross-site-scripting
A threat actor may inject malicious content into HTTP requests. The content is not reflected in the HTTP response and executed in the victim's browser.
cross dom example infosecsimplified metadata qeeqbox scripting site vulnerability xss xss-vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/directory-listing
A threat actor may list files on a misconfigured server
directory infosecsimplified listing qeeqbox vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/cybersecurity
Cybersecurity is the measures taken to protect networks, devices, and data against cyberattacks
cybersecurity cycle infosecsimplified qeeqbox visualization
Last synced: 15 Nov 2024
https://github.com/qeeqbox/client-side-template-injection
A threat actor may trick a victim into executing native template syntax on a vulnerable target
client infosecsimplified injection qeeqbox side template vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/horizontal-privilege-escalation
A threat actor may perform unauthorized functions belonging to another user with a similar privileges level
escalation example horizontal infosecsimplified metadata privilege qeeqbox visualization vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/captcha-bypass
A threat actor may bypass the Completely Automated Public Turing test to tell Computers and Humans Apart (captcha) by breaking the solving logic, human-assisted solving services, or utilizing automated technology
bypass captcha example infosecsimplified metadata qeeqbox visulization vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/authorization-bypass
A threat actor may access the user's account using a stolen or leaked valid (existing) session identifier
authorization bypass example infosecsimplified metadata qeeqbox vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/data-compliance
Data compliance is the process of following various regulations and standards to ensure that sensitive digital assets (data) are guarded against loss, theft, and misuse
compliance data data-compliance infosecsimplified qeeqbox
Last synced: 15 Nov 2024
https://github.com/qeeqbox/two-factor-authentication-brute-force
A threat actor may lunch brute force to the two-factor authentication (2FA) logic causing unauthorized access to the target
2fa authentication brute-force example infosecsimplified qeeqbox visualization vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/threat-actors
A threat actor is any person, group, or entity that could harm to the cyber realm
infosecsimplified qeeqbox threat-actors
Last synced: 15 Nov 2024
https://github.com/qeeqbox/authentication-bypass
A threat actor may gain access to data and functionalities by bypassing the target authentication mechanism
authentication bypass example infosecsimplified metadata qeeqbox visualization vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/default-credential
A threat actor may gain unauthorized access using the default username and password
credentials default example infosecsimplified metadata qeeqbox visualization vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/xslt-injection
A threat actor may interfere with an application's processing of extensible stylesheet language transformations (XSLT) for extensible markup language (XML) to read or modify data on the target
infosecsimplified injection qeeqbox vulnerability xslt
Last synced: 15 Nov 2024
https://github.com/qeeqbox/xxe-injection
A threat actor may interfere with an application's processing of extensible markup language (XML) data to view the content of a target's files
infosecsimplified injection metadata qeeqbox visualization vulnerability xee xml xxe xxe-injection
Last synced: 15 Nov 2024
https://github.com/qeeqbox/session-hijacking
A threat actor may access the user's account using a stolen or leaked valid (existing) session identifier
example hijacking infosecsimplified metadata qeeqbox session visualization vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/credential-stuffing
A threat actor may guess the target credentials using a known username and password pairs gathered from previous brute-force attacks
credentials example infosecsimplified metadta qeeqbox stuffing visualization vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/session-fixation
A threat actor may trick a user into using a known session identifier to log in. after logging in, the session identifier is used to gain access to the user's account
example fixation infosecsimplified metadata qeeqbox session visualization vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/data-classification
Data classification defines and categorizes data according to its type, sensitivity, and value
classification data data-classification infosecsimplified qeeqbox
Last synced: 15 Nov 2024
https://github.com/qeeqbox/cross-site-request-forgery
A threat actor may trick an authenticated or trusted victim into executing unauthorized actions on their behalf
cross example forgery infosecsimplified metadata qeeqebox request site vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/sql-injection
A threat actor may alter structured query language (SQL) query to read, modify and write to the database or execute administrative commands for further chained attacks
infosecsimplified metadata qeeqbox sql-injection visualization vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/os-command-injection
A threat actor may inject arbitrary operating system (OS) commands on target
command infosecsimplified injection os os-command-injection qeeqbox vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/session-replay
A threat actor may re-use a stolen or leaked session identifier to access the user's account
example infosecsimplified metadata qeeqbox replay session visualization vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/xpath-injection
A threat actor may alter the XML path language (XPath) query to read data on the target
infosecsimplified injection metadata qeeqbox visualization vulnerability xpath xpath-injection
Last synced: 15 Nov 2024
https://github.com/qeeqbox/security-controls
Countermeasures or safeguards for detecting, preventing, and mitigating cyber threats and attacks (Protect assets)
controls infosecsimplified qeeqbox security security-controls
Last synced: 15 Nov 2024
https://github.com/qeeqbox/remote-file-inclusion
A threat actor may cause a vulnerable target to include/retrieve remote file
file inclusion infosecsimplified qeeqbox remote vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/password-spraying
A threat actor may guess the target credentials using a single password with a large set of usernames against the target
example infosecsimplified metadata password qeeqbox spraying visualization vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/local-file-inclusion
A threat actor may cause a vulnerable target to include/retrieve local file
file include infosecsimplified local qeeqbox vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/insecure-deserialization
A threat actor may tamper with a stream that gets deserialized on the target, causing the target to access data or perform non-intended actions
deserialization infosecsimplified insecure qeeqbox vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/data-states
Data states refer to structured and unstructured data divided into three categories (At Rest, In Use, and In Transit)
data data-state infosecsimplified qeeqbox
Last synced: 15 Nov 2024
https://github.com/qeeqbox/access-control
Access Control is using security techniques to protect a system against unauthorized access
access access-control control infosecsimplified qeeqbox
Last synced: 15 Nov 2024
https://github.com/qeeqbox/server-side-template-injection
A threat actor may alter the template syntax on the vulnerable target to execute commands
infosecsimplified injection qeeqbox server side template vulnerability
Last synced: 15 Nov 2024
https://github.com/qeeqbox/identity-and-access-management
The practice of ensuring that people or objects have the right level of access to assets
access iaaa identity infosecsimplified management qeeqbox
Last synced: 15 Nov 2024
https://github.com/qeeqbox/data-security
Safeguarding your personal information (How your info is protected)
data data-security infosecsimplified qeeqbox security
Last synced: 15 Nov 2024
https://github.com/qeeqbox/data-lifecycle-management
Data Lifecycle Management (DLM) is a policy-based model for managing data in an organization
data data-lifecycle-management infosecsimplified lifecycle management qeeqbox
Last synced: 15 Nov 2024