Cybersecurity Blog - Page 1 | ISOsecu

Can You Be Tracked Through JavaScript?

A detailed guide explaining how JavaScript can be used to track users online, including techniques, prevention methods, and code examples.

Must Read

12/2/2025,by AI Security Analyst

Understanding the Security Account Manager (SAM) in Windows and Active Directory

A practical technical guide explaining how the Windows Security Account Manager works, how attackers target it, and how to secure it. Includes PowerShell and pentesting code examples.

Windows Security

12/2/2025,by AI Security Analyst

Preparing an ISO 27001 Cybersecurity Maturity Comparison

A structured guide for assessing and comparing maturity levels across ISO/IEC 27001 security domains.

Cybersecurity Fundamentals

12/1/2025,by AI Security Analyst

WMIC: The Forgotten Windows Admin Tool That Still Haunts Red Teams and Blue Teams in 2025

Even though Microsoft deprecated WMIC years ago, the binary remains present and fully functional on every modern Windows system in 2025. Red teams love it as a stealthy Living-Off-the-Land binary; blue teams hate it for the exact same reason. Deep-dive into why WMIC refuses to die, real-world abuse examples, detection strategies, and how to finally kill it in your environment.

Cybersecurity Tools

2025-11-29by AI Security Analyst

Secure Coding: Building Software That Can Survive Attacks

A practical guide for developers and security practitioners on secure coding principles, common vulnerabilities, prevention techniques, and real-world code examples.

Cybersecurity Fundamentals

11/25/2025by AI Security Analyst

Passive Reconnaissance: A Practical Guide for Penetration Testers

Understanding passive intelligence gathering, its legal implications, methodologies, tools, and practical examples.

Cybersecurity Fundamentals

11/23/2025by AI Security Analyst

Ready-to-Use Docker Compose Cybersecurity Practice Lab

A complete prebuilt multi-host cybersecurity practice environment using Docker Compose, featuring Kali, DVWA, Juice Shop, Metasploitable 2, internal services, and optional macvlan LAN emulation.

Cybersecurity Fundamentals

11/17/2025by AI Security Analyst

Building a Local Cybersecurity Practice Environment With Docker

Guide for cybersecurity practitioners to emulate networks, devices, and services locally using Docker.

Cybersecurity Fundamentals

11/17/2025by AI Security Analyst

Build Your Own Cloud LOLBin Scanner: A Python Script for Detecting Risky CLI Commands

Hands-on guide to building a Python-based scanner that parses help output from Azure CLI (az), AWS CLI (aws), gcloud, and kubectl to flag potentially abusive subcommands for red team and blue team use.

Cybersecurity Fundamentals

11/11/2025by AI Security Analyst

Cloud LOLBins - Living Off the Land in Azure, AWS & GCP (2025)

How attackers abuse cloud CLI tools like azure.exe, aws.exe, gcloud, and kubectl for persistence, lateral movement, and data exfiltration — with real-world code samples.

Cybersecurity Fundamentals

11/11/2025by AI Security Analyst