Best of Cybersecurity: April 2025

  1. Article
    InfoSec Write-ups · 52w

    5 Tools I Wish I Knew When I Started Hacking

    Starting in hacking and cybersecurity can be overwhelming due to the vast array of tools available. This post introduces five essential tools for beginners: Burp Suite for web application testing, Nmap for network scanning, Amass for subdomain enumeration, CyberChef for data encoding/decoding, and Gobuster for directory enumeration. Learning to use these tools can significantly streamline tasks and enhance your penetration testing capabilities. Bonus tips include focusing on one tool at a time, staying updated with new features, and monitoring GitHub repositories.

  2. Article
    InfoSec Write-ups · 51w

    Free Resources to Learn PenTesting in 2025

    Explore a variety of free resources available in 2025 to learn penetration testing and ethical hacking, including TryHackMe, Hack The Box, PortSwigger, and INE. From hands-on practice with vulnerable machines to interactive courses and community support, this guide offers insights into foundational tools and strategies to enhance cybersecurity skills without financial investment.

  3. Article
    Hacker News · 1y

    Fake job seekers are flooding U.S. companies that are hiring for remote positions, tech CEOs say

    Fake job seekers are increasingly targeting U.S. companies hiring for remote positions, using AI tools like deepfake software to secure employment. The deception ranges from installing malware to stealing data or simply collecting wages. Companies across various industries, particularly in cybersecurity and cryptocurrency, have experienced a surge in such fraudulent applications. Efforts to tackle this issue include adoption of advanced identity-verification technologies.

  4. Article
    InfoSec Write-ups · 1y

    Top 20 Linux Commands Every Pentester Should Know

    Mastering essential Linux commands can significantly enhance a pentester's efficiency. Commands like uname, ip a, ss, ps aux, and others are crucial for navigating systems, identifying security vulnerabilities, and conducting investigations. Understanding when and how to use these commands is as important as knowing the commands themselves.

  5. Article
    InfoSec Write-ups · 51w

    How to Install a Honeypot to Catch Hackers

    Creating a honeypot is a proactive cybersecurity measure that lures hackers to a simulated system, allowing you to observe their actions and improve security. This guide explains the types of honeypots, their purpose, and provides a step-by-step process for installing a basic SSH honeypot using Cowrie. It emphasizes the importance of monitoring and analyzing logs, maintaining isolation from production environments, and adhering to legal boundaries.

  6. Video
    John Hammond · 1y

    I Backdoored Cursor AI

    The post explains how a vulnerability in Electron-based applications, like the AI code editor Cursor, can be exploited using Loki C2, a Node.js-based command and control framework. It demonstrates setting up and using Loki to backdoor Electron applications by replacing their JavaScript files, allowing for remote execution of arbitrary code. The post also discusses how to ensure the targeted application remains functional while compromised, highlighting the collaboration between the author and the developer of Loki C2.

  7. Article
    ITNEXT · 1y

    SSH LLM Honeypot caught a real threat actor

    A detailed guide on how an SSH LLM honeypot successfully trapped a real threat actor who downloaded and attempted to execute malicious binaries. The honeypot, Beelzebub, was configured with an OpenAI key and analyzed the actions of the attacker, including their attempts to connect the server to a botnet via a Perl script. The post also includes steps to configure and run the honeypot using Docker, and discusses the information gathered from the threat actor's activities, as well as actions taken to mitigate the threat.

  8. Article
    Community Picks · 1y

    Terminal

    The post provides a collection of important external reports and articles related to cybersecurity, including the 2024 Consumer and Business Cybersecurity Assessment Reports by BitDefender, the 2023 Annual Data Breach Report by ITRC, and the 2024 DBIR Insights by Verizon. Additional resources mentioned include the FBI Internet Crime Complaint Center and the Anti-Phishing Working Group.

  9. Video
    Eric Parker · 1y

    This "Game" is Stealing Your Data

    Eric discusses the discovery and analysis of a fake game being distributed online, which installs malware on a user's system. This malware is sophisticated, using extended validation (EV) certificates to avoid detection by antivirus software. The video explores the technical details of the malicious payload and emphasizes the importance of zero trust solutions like ThreatLocker for robust cybersecurity. The fake game's promotion through a seemingly legitimate campaign highlights the need for vigilance when downloading software.

  10. Video
    Mental Outlaw · 1y

    ThunderMail - A Future FOSS Gmail Alternative

    ThunderMail, an upcoming open-source alternative to Gmail by Mozilla, aims to provide a private, ad-free email service with integrated calendar and contact management. It will offer services such as end-to-end encrypted file sharing and utilize Flower AI for privacy-preserving federated learning. ThunderMail is designed to offer more privacy and freedom compared to current webmail solutions.

  11. Video
    Low Level Learning · 1y

    command and conquer generals is a security masterpiece

    EA has released the source code for Command and Conquer Generals: Zero Hour to support the modding community. An offensive security researcher delves into the code to explore network vulnerabilities and encryption methods used in the game, discovering low-level encryption techniques and opportunities for packet manipulation.

  12. Video
    Fireship · 1y

    Respected computer scientist disappears under mysterious circumstances…

    Dr. Xiaofeng Wang, a computer science professor at Indiana University specializing in machine learning security, has mysteriously disappeared. His university profile has been wiped, and the FBI has raided his home. His disappearance has sparked various theories, including his involvement in espionage or fleeing from impending consequences of alleged misconduct. The post also highlights cases of programmers engaging in malicious activities, such as sabotaging computer systems with kill switches or logic bombs, emphasizing the potential dangers posed by skilled programmers.

  13. Article
    Hacker News · 1y

    Thousands of North Korean IT workers have infiltrated the Fortune 500—and they keep getting hired for more jobs

    North Korean IT workers have been infiltrating Fortune 500 companies by using stolen or fake identities, funneling salaries to fund prohibited weapons programs. Despite efforts to prevent this, the scheme has generated hundreds of millions annually since 2018. Experts emphasize the importance of rigorous identity verification and ongoing security practices to combat this threat.

  14. Video
    John Hammond · 1y

    Finding Web App Vulnerabilities with AI

    Discover how Burp Suite's new AI features can help find web application vulnerabilities more effectively. The video demonstrates setting up and using Burp AI, a tool integrated into Burp Suite Professional, within a Kali Linux environment. By leveraging AI, the tool can automate and enhance various security testing tasks, significantly aiding in penetration testing efforts. Key capabilities include scanning for vulnerabilities, reducing false positives, and providing intelligent automation to supplement manual testing efforts.

  15. Article
    freeCodeCamp · 1y

    How to Use Wireshark Filters to Analyze Your Network Traffic

    Wireshark is a powerful open-source tool for network packet analysis, essential for network administrators and cybersecurity enthusiasts. It allows for the capture and detailed examination of network traffic, aiding in troubleshooting and detecting suspicious activities. This post covers the installation and use of Wireshark on Ubuntu, including how to capture traffic, understand its interface, apply display filters, and conduct security analyses. Mastery of Wireshark’s filtering capabilities can significantly enhance network troubleshooting and security monitoring efficiency.

  16. Article
    Tech Lead Digest · 51w

    XRP supply chain attack: Official NPM package infected with crypto stealing backdoor

    A sophisticated attack compromised the official xrpl NPM package by inserting a backdoor to steal cryptocurrency private keys, affecting numerous applications and websites. The attack involved releasing unauthorized versions of the package containing malicious code. Users are advised to check if they have used the compromised versions and take immediate steps to secure their wallets. Aikido Intel detected the malware and has updated the threat feed to protect against such vulnerabilities.

  17. Article
    InfoSec Write-ups · 52w

    How to Secure Your Home Wi-Fi Network from Hackers

    Simple yet effective steps to secure your home Wi-Fi network include changing the default router login credentials, modifying the SSID, using a strong Wi-Fi password, configuring WPA3/WPA2 encryption, disabling WPS, regularly updating router firmware, disabling remote management, setting up a guest network, monitoring connected devices, turning off the network when not in use, and placing the router centrally in your home. These actions help protect your personal data and prevent unauthorized access.

  18. Article
    The Dev Craft · 1y

    Cybersecurity Personal Portfolio

    A cybersecurity student and software developer launches a personal website to showcase projects, skills, and ongoing work. Open to feedback on the site.