Latest Web Security Posts

log4shell 0-day Exploit in log4j v2 – What it is? How to Identify and Mitigate the Vulnerability (CVE-2021-44228)

What is log4shell? “Log4Shell” was named by researchers at LunaSec and is credited to Chen Zhaojun of Alibaba. It is a remote code execution vulnerability found in the Apache Log4j library, an open source logging utility written in Java and developed by the Apache Software Foundation. This library is…

Dom Invader – Burp Suite tool to Find DOM Based XSS Easily

Quickly find DOM-based XSS vulnerabilities with Burp Suite’s DOM Invader.

EyeWitness

EyeWitness is an open-source tool that takes screenshots of websites, RDP services, and open VNC servers, provides some server header info, and identifies default credentials if known.

Increasing Need For Cybersecurity Professionals

Cybersecurity requirements have increased significantly, with job postings growing by over 94% in just seven years. By contrast, other IT jobs have only grown by over 30% in general. So, that leaves a 300% increase in the demand encompassing all IT job profiles. Cybersecurity accounts for about 13% of all IT jobs.

What is DNS? (“The Phonebook of Internet”) – Cheatsheet

DNS, or the Domain Name System, resolves human-readable domain names (for example, http://www.hacksheets.in) to machine-readable IP addresses (for example, 192.0.1.45).

Recon-ng

What is Recon-ng?
Recon-ng is a full-featured reconnaissance framework with an interface similar to that of Metasploit, which makes it handy and easy to use.
Recon-ng has a command-line interface that you can run on Kali Linux. It drops you into a shell-like environment where you can configure options, perform recon, and output results to different report types.

Whois (“who owns a domain?”)

Whois is an Internet service and protocol by which we can find who owns a website's domain. It searches and displays information about a domain name, an IP address block, or an autonomous system, etc., from the repositories of domain name registrars worldwide.
