Useful Resources and Concepts
Latest Web Security Posts
OWASP TOP 10 – Flashcards. Learn OWASP Top 10 using flashcards
log4shell 0-day Exploit in log4j v2 – What it is? How to Identify and Mitigate the Vulnerability (CVE-2021-44228)
What is log4shell ? “Log4Shell” got its name by researchers at LunaSec and credited to Chen Zhaojun of Alibaba. It is an remote code execution vulnerability. This vulnerability has been found in Apache Log4j library, which is an open source logging utility which is written in Java and developed by Apache Software Foundation. This library is… Read More »log4shell 0-day Exploit in log4j v2 – What it is? How to Identify and Mitigate the Vulnerability (CVE-2021-44228)
Quickly Find Dom-Based XSS Vulnerabilities with Burp Suite’s Dom Invader.
EyeWitness is an open-source tool that is used to take screenshots of the website RDP services, and open VNC servers, provide some server header info and identify default credentials if known.
There is a significant increase in cybersecurity requirements with the exponential growth of job postings over 94% in just seven years. As opposed to this surge, other IT jobs have just grown over 30% in general. So, that leaves a 300% increase in the demand encompassing all IT job profiles. Cybersecurity happens to account for about 13% of all IT jobs.
DNS, or the Domain Name System, resolves human readable domain names (for example, http://www.hacksheets.in) to machine readable IP addresses (for example, 188.8.131.52).
What is Recon-ng?
Recon-ng is a full-featured reconnaissance framework that has a similar interface to that of Metasploit(which comes in handy and easy to use).
Recon-ng has the command-line interface which you can run on Kali Linux, also you enter a shell-like environment where you can configure options, perform recon, and output results to different report types.
Whois is an Internet service and protocol by which we can find who owns a domain of an website, and displays information about domain name Whois is an Internet service and protocol that searches and displays information about a domain name from repositories of domain name registrars worldwide, and their IP adress block, or an autonomous system etc.
Something went wrong. Please refresh the page and/or try again.