eb requests are the backbone of the internet. Whether you’re browsing a website or making an API call, every interaction with a web application involves sending and receiving web requests. In this post, we will explore the basics of how web requests work. What is a web request? A web Read more
duals and organizations to exploit for financial gain or to steal sensitive data. As an individual, it’s important to take measures to protect yourself from these online threats. In this blog post, we will discuss some of the steps you can take to stay secure online and avoid hackers. Strong Read more
DOM-based cross-site scripting (XSS) is a type of web vulnerability that allows an attacker to inject malicious code into a web page. The code is then executed by the browser, allowing the attacker to steal sensitive information, modify the content of the page, or redirect the user to a malicious Read more
An IDS (intrusion detection system) and an IPS (intrusion prevention system) are both security technologies that are used to protect computer networks from attacks. The main difference between the two is the way they respond to potential security threats. An IDS is a passive security system that monitors network traffic Read more
Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. Nmap.org This tool can be used to to obtain a network inventory, determine what ports are open on a host, what services are running on ports, the version of those services, operating system Read more
This week I am working on the Windows Events room by Tryhackme. Per Wikipedia, “Event logs record events taking place in the execution of a system to provide an audit trail that can be used to understand the activity of the system and to diagnose problems. They are essential to Read more
“Burp Suite is a framework of web application pentesting tools, it is widely regarded as the de facto tool to use when performing web app testing.” Source: https://tryhackme.com/room/rpburpsuite I am using the “Burp Suite” room from TryHackme to build this resource. Burp Suite is pre-installed on Kali Linux, if you’ll Read more
https://tryhackme.com/path/outline/presecurity TryHackMe.com has an awesome new Learning Path that can take you from curious to ready-to-learn specialized cybersecurity content. The Pre Security learning path will easily make you familiar with the basics including Network Fundamentals, How the Web Works, Linux Fundaments, and Windows Fundamentals! The combination of networking, web, and Read more
oday I am working on the Gotta Catch’em All challenge from TryHackMe.com. Getting help from: https://medium.com/@aritrachakraborty_74303/gotta-catchem-all-a-writeup-for-ctf-style-thm-box-but-with-generic-techniques-904dc58e3890 I got the IP address of the box and started with an Nmap scan: Next, I wanted to see what was open on port 80. I noticed the http-title was “Can You Find Them All?”. Read more
Today I am working on the Vulnversity challenge from tryhackme.com I start with an nmap scan with the service version flag against the host: nmap -sV hostipaddress TryHackMe had a great nmap reference table so I pasted it below: I found a web server on port 3333 and started to Read more