Unmasking the Hidden IP Addresses Behind Cloudflare
In the ever-evolving landscape of cybersecurity, website owners are constantly seeking ways to shield their online identities. One popular method
Understanding JWT (JSON Web Token): Enhancing Authentication and Authorization in Web Applications
Introduction: In the realm of web application development, secure authentication and authorization mechanisms are paramount. JSON Web Token (JWT) has
Insecure Source Code Management: Mitigating Risks for Secure Software Development
Introduction: Source code management (SCM) systems are vital tools for software development, enabling version control, collaboration, and tracking changes. However,
Unveiling the Risks of Insecure Randomness: Safeguarding Data Security
Introduction: Randomness plays a crucial role in various aspects of computer systems and cryptography. It is the foundation for generating
The Risks of Insecure Management Interfaces: Safeguarding Critical Access Points
Introduction: In the modern era of technology-driven operations, management interfaces have become vital components for controlling and configuring various systems
Understanding Insecure Direct Object References: A Potential Threat to Application Security
Introduction: In today’s interconnected digital landscape, ensuring the security of web applications and systems has become paramount. However, vulnerabilities still
Insecure Deserialization
Insecure deserialization refers to a vulnerability that can occur in software applications that involve the deserialization process. Deserialization is the
HTTP Parameter Pollution
HTTP Parameter Pollution (HPP) is a type of web application vulnerability that affects the security of the web applications. It
GraphQL Injection: A Guide to Protecting Your Applications
GraphQL is a modern and flexible query language for APIs, but with the increased usage of GraphQL, the risk of
File Inclusion
File Inclusion is a type of vulnerability in web applications that allows an attacker to include or execute a remote
Directory Traversal Attack: A Threat to Web Security
Directory traversal, also known as path traversal, is a type of vulnerability that allows an attacker to access files and
Denial of Service (DoS) Attacks Types
In today’s connected world, the availability and reliability of online services are critical for both individuals and businesses. However, these
How to install wireless network adapter Kali Linux and on android phones.
Installing Wireless Network Adapter on Kali Linux: Kali Linux is a popular distribution for ethical hacking and penetration testing. In
The Art of Trapping Hackers: Honeypots
In the world of cybersecurity, trapping hackers can be a valuable tool for organizations looking to better understand the tactics
Is there anybody hacking my phone?
Smartphones have become an integral part of our lives, and they store a significant amount of personal and sensitive information.
Can I hire a hacker to get my account back?
No, hiring a hacker is illegal and unethical, and it can also lead to serious consequences for you. Attempting to
Protecting Yourself Against Man-in-the-Middle Attacks
In today’s digital world, we rely on the internet for a variety of activities, from online banking to shopping and
What hacker attacks are you most likely to encounter?
Some common types of cyber attacks that individuals and organizations may encounter include: Phishing attacks: Attempts to steal sensitive information
Coding and Hacking: Understanding the Connection
What is coding in hacking? Coding in hacking refers to writing code (programming) to create and implement various hacking techniques,
How to use hacking in a good way?
“Hacking” is often associated with malicious activities, but there is also a positive side to it. Ethical hacking, also known
Hacking skills: what are they?
Hacking skills are a set of techniques used to manipulate, exploit, and compromise the security of computer systems, networks, and
The Parts of a Domain Name: What Are They?
A domain name is a unique name that is used to identify a website on the internet. It’s like an
Methods of enumerating subdomains passively
Passive subdomain enumeration is a technique for identifying subdomains of a target domain without actively sending any requests to the
A Guide to Becoming a Bug Bounty Hunter
Becoming a bug bounty hunter involves the following steps: Gain knowledge: Learn about programming, web application security, and the basics
Active Subdomain Enumeration
Active subdomain enumeration is the process of finding subdomains for a target domain through active reconnaissance methods, such as sending
Dependency Confusion
Dependency Confusion is a vulnerability that allows attackers to exploit a weakness in the way that software dependencies are managed.
DNS Rebinding
DNS rebinding is a technique used by attackers to gain unauthorized access to a target device or network by manipulating
Command Injection
Command injection is a type of security vulnerability that occurs when an attacker is able to execute arbitrary commands on
CSV Injection – the formula injection
CSV Injection, also known as formula injection, occurs when a malicious actor is able to inject a formula or malicious
fork-bomb
A fork bomb is a type of malware that can cause a computer to crash by using up all of
Top 20 Cyber Security JOB interview Questions
What is pen testing? Penetration testing, also known as pentesting, is the practice of simulating a cyber attack on a
Keylogger – log & send them to an email
Keyloggers are programs or hardware devices that track a keyboard’s activities (keys pressed). Keyloggers are spyware where users are unaware
CSRF Injection: Cross-Site Request Forgery
Cross-site request forgery (CSRF), also known as XSRF, Sea Surf or Session Riding, is an attack vector that tricks a
Hacker Search Engines
List of Best Hacker-Friendly Search Engines General Search Engines Google Bing Yahoo! Yandex Ask Baidu You Servers Shodan – Search Engine
GitHub user email addresses: how to find them
In this post, we will show you how to find the email address for most GitHub profiles (even if they
CTF help
A curated list of Capture The Flag (CTF) frameworks, libraries, resources, software and tutorials. This list aims to help starters as
CRLF Injection
CRLF – Carriage Return Line Feed When a browser sends a request to a web server, the web server answers
Argument Injection – Vulnerabilities
Argument injection is a type of attack based on tampering with the input parameters of a page. This can enable attackers
Account Takeover Techniques
Account takeover attacks are on the rise, with an estimated 25% of adults in the world falling victim to this
Web Sockets
The WebSocket API is an advanced technology that makes it possible to open a two-way interactive communication session between the
Reverse Shell
A reverse shell is a type of session cyber attackers commonly use to open communication ports between their machines and the victims
R4VEN – Track device location, and IP address, and capture a photo with device details.
The tool hosts a fake website which uses an iframe to display a legit website and, if the target allows
Read free without subscription
Bypass any paywall from website like medium.com and read free. (Paywall Removed) Works with your favorite websites EXAMPLE: this is
Install required packages automatically for a python script
it is a hard to install all the libraries one by one. Each time you have to find out the
Spyboy blog 