Kris
kris-cybersec.bsky.social
Just a regular guy who works in cybersecurity.
Hi. The slowest CVE aggregator.
It fetches data from NVD CVE, EPSS, and KEV. It’s not the fastest tool out there, but it gets the job done. A bit clunky, the CLI tool written in Rust : ) Link in the comments.
#cybersecurity #appsec #rust #devsecops
January 9, 2025 at 5:45 PM
Hi! Got any favorite podcasts about AppSec and CloudSec?
Here's my list:
• The Elephant In Appsec: t.ly/jYhkc
• The Cloud Security podcast: t.ly/yB9UN
• The Kubernetes podcast: t.ly/Tr2t9
• The secure developer: t.ly/5iGC4

#appsec #cloudsec #podcast #cybersecurity #kubernetes
January 7, 2025 at 11:13 AM
Hi all! As the new year begins, it’s a great time to refresh your knowledge. If you're interested in hands-on labs to test your skills on topics from the t.ly/v1usV, I recommend these two sites: t.ly/My4MZ and t.ly/jx6-C
Happy learning.
#api #software #appsec #apisecurity #owasp #cybersecurity
OWASP Top 10 API Security Risks – 2023 - OWASP API Security Top 10
The Ten Most Critical API Security Risks
t.ly
January 2, 2025 at 3:20 PM
Reposted by Kris
In the nascent field of mycoforestry, Christmas tree-growers are combining saplings with symbiotic fungi to grow timber and mushrooms on the same plots of land.
How Christmas Trees Could Become a Source of Low-Carbon Protein
In the nascent field of mycoforestry, tree-growers are combining saplings with symbiotic fungi to grow timber and mushrooms on the same plots of land.
buff.ly
December 25, 2024 at 12:38 PM
Reposted by Kris
Destroy this myth. Please share if you have visited and researched in a library this past year! RT And give a shout out to your favorite library you have ever visited.
December 21, 2024 at 12:49 AM
Relying only on SAST, DAST, and SCA isn’t enough. By proactively addressing risks early, we can build stronger, more secure software. Check out my latest article to learn how to turn security challenges into opportunities! Link in the comment below.
#appsec #cybersecurity #shiftleft #devsecops
December 19, 2024 at 5:32 PM
Reposted by Kris
The OWASP LLM and Generative AI Security Project is thrilled to announce the launch of the Agentic Security Initiative designed to tackle the unique security challenges posed by Autonomous AI agents.

genai.owasp.org/2024/12/15/a...

#owasp #appsec #ai #llm
Announcing the OWASP LLM and Gen AI Security Project Initiative for Securing Agentic Applications - OWASP Top 10 for LLM & Generative AI Security
genai.owasp.org
December 17, 2024 at 5:25 PM
Reposted by Kris
Small businesses face security threats just like larger corporations. However, unlike larger corporations, small businesses might not have the ability to staff huge IT teams. Ashley Knowles of BHIS has gathered a list of steps and resources that small IT teams can do to obtain reasonable security.
December 11, 2024 at 8:56 PM

Hi everyone. Here's a quick overview of the latest edition of the OWASP Top 10 LLM, complete with links to practical exercises — part one. Enjoy!
medium.com/@krisinfosec...

#cybersecurity #appsec #llm #llmsecurity
OWASP Top 10 for LLM with practical training — part 1
In mid-November 2025, OWASP released a great analysis of the 10 most significant risks related to LLM (Large Language Models) applications…
medium.com
December 3, 2024 at 5:32 PM
Reposted by Kris
If you don't make time for maintenance, maintenance will make time for you!
November 26, 2024 at 5:40 PM
Reposted by Kris
Daniel Grzelak has released Awseye, a so-called Shodan for AWS, an OSINT and reconnaissance service that tracks and analyzes publicly accessible AWS data

awseye.com
November 26, 2024 at 3:36 PM
A little while back, I shared my thoughts on transitioning into cybersecurity. I hope someone finds it helpful!
medium.com/@krisinfosec...
#cybersecurity
Transition to cybersecurity -will hurt
For many IT professionals, transitioning into the field of cybersecurity is an appealing career move. With the increasing importance of…
medium.com
November 26, 2024 at 12:06 PM
Reposted by Kris
Some time ago, I wrote an article about a brief introduction to the Kyber post-quantum algorithm and an overview of the available libraries that utilize it.
I hope you find it helpful.
#appsec #post-quantum #kyber #cybersecurity
medium.com/@krisinfosec...
Post-quantum cryptography — Kyber
CRYSTAL-Kyber example open-source libraries
medium.com
November 19, 2024 at 8:07 PM