A collection of guides on vulnerability analysis, security practices, and DevSecOps.
Live site: https://guru2linux.github.io/vuln-analysis-blog
Security Analysis of a Python Job Application Tracker — Applying real-world vulnerability assessment techniques — threat modeling, OWASP mapping, CVSS prioritization — to a personal Python project built with SQLAlchemy, Gmail API, and Dash.
How I Analyze Vulnerabilities Using Tenable — A walkthrough of my real-world workflow for analyzing vulnerabilities using Tenable in a DevSecOps environment.
Using OWASP Top 10 for Vulnerability Analysis — A comprehensive guide on integrating the OWASP Top 10 framework into vulnerability analysis workflows for prioritization, risk assessment, and remediation planning.
Metasploit Framework for Vulnerability Analysis & Exploitation — A comprehensive guide on using Metasploit to validate vulnerabilities, execute exploits, and assess real-world impact during penetration testing.
Setting Up Wazuh on a Proxmox Server — A step-by-step guide to deploying Wazuh on a Proxmox server for unified security monitoring.
Nmap Scanning Techniques for Vulnerability Reconnaissance — A practical walkthrough of using Nmap for network reconnaissance, service enumeration, and vulnerability detection as part of a penetration testing workflow.
Burp Suite for Web Application Penetration Testing — Using Burp Suite to intercept traffic, manually test for OWASP Top 10 vulnerabilities, and validate web application security findings.