- Concepts1. RPC (Remote Procedure Call): Protocol that enables a program to execute a procedure on a remote system as if it were a local function.2. rpcbind: Critical component in the RPC system. It translates RPC program nums into network addresses where the programs are available.3. NFS (Network File System): Protocol that allows users to access files over a network as if they were located on..
Study Record/Cybersecurity
1. secure boot: UEFI feature that ensures only trusted and signed software (e.g., OS bootloaders) runs during the startup process. It prevents boot-level malware, such as rootkits, from executing by validating digital signatures.2. argon2: Secure key derivation function designed fpr password hashing. It is highly resistant to attacks like GPU/ASIC brute forcing and provides a more secure alterna..
1. One-Way Authentication vs Mutual Authentication: - One-Way: Only the server is authenticated. Used in most websites (e.g., HTTPS) - Mutual: Used in VPNs, financial systems, or other high-security environments.2. Hardware Root of Trust: A secure hardware module that provides a foundation for trust in a system by encuring hardware-based security. (e.g, TPM)3. TPM (Trusted Platform Module):..
- Concepts1. Bootstrap: Opensource frontend framework developed by Twitter2. LFI: Local File Inclusion3. index.php: Typically serves as the entry point or default page of a website4. https://github.com/swisskyrepo/PayloadsAllTheThings GitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and Pentest/CTFA list of useful payloads and bypass f..
1. NTP (Network Time Protocol): Synchronizes device clocks for accuracy in logging, authentication, and encryption.2. FIM (File Integrity Monitoring): Detects unauthorized changes to files and generates alerts and ensures compliance with security standards. (e.g., Tripwire, OSSEC, etc.)3. ICMP (Internet Control Message Protocol): Enables error reporting, diagnostics, and troubleshooting in netwo..
- Concepts1. Spider in Burp suite: maps and explores web applications by automatically crawling their content. It identifies pages, files, and parameters that might not be immediately visible.2. /bin/dash: A lightweight POSIX-compliant shell3. POSIX (Portable Operating System Interface): A family of standards specified by the IEEE to maintain compatibility between operating systems.4. EUID (Effe..
1. What is CSRF?- CSRF (Cross-Site Request Forgery) is a type of web security vulnerability which tricks a vitim into performing unwanted actions on a website where they are authenticated.- How CSRF work:1) The victim logs into a legitibate website and their browser stroes an authentication cookie.2) The attacker crafts a malicious link, form or script that sends a request to the target website...
1. What is XSS?- XSS (Cross-Site Scripting) is a type of security vulnerability which injects malicious script into webpages viewed by other users.- Occurs when a web application does not properly validate user input. 2. Types of XSS vulnerabilities 1) Stored XSS- The malicious script is permanently stored on the target server (e.g., in a database or comment field).- When a user accesses the com..
- Concepts1. CCS injection (Change Cipher Spec Injection): Vulnerability that affects the TLS/SSL handshake process, specifically in implementations like OpenSSL. It allows an attacker to inject a crafted ChangeCipherSpec (CSS) message at an unexpected point in the handshake process, potentially enabling man-in-the-middle (MITM) attacks. - TLS Handshake Basics: During a normal TLS handshake, t..
- This machine is very simillar to reality- We can learn how to distinguish between crashing the system and being banned. This is crucial in real-world penetration testing scenarios. - Concepts1. nibble: A unit of digital information that consists of 4 bits. (e.g., Binary: 1010 -> Hexadecimal: A)2. ASCII (American Standard Code for Information Interchange): Character Encoding standard used to re..
- Concepts1. Burp Suite: Tool for web application security testing. - Intercepting Proxy: Acts as a web proxy that allows you to intercept and modify HTTP/S traffic between your browser and the server. - Spider (Crawler): Automates the process of mapping a web application by crawling its pages to find links and endpoints. - Scanner: Automatically scans for vulnerabilities like SQL injectio..
1. TTY?In Linux, TTY refers to virtual terminals that emulate the behavior of the original hardware teletypeprinters. TTY settings define how the terminal interacts with user input and system output. TTY settings influence:1) Key behavior (e.g, Ctrl + C, Ctrl + Z, or arrow keys)2) Terminal size (rows and columns for displaying text)3) Input/output processing, such as echoing typed characters4) S..
