Near Field Communication, or NFC, is a short-range wireless communication technology that enables devices to interact with each other within a close proximity, typically within a few centimeters. It operates at a frequency of 13.56 MHz and can be used for various applications, such as contactless payment systems, secure access control, and data sharing between devicesContinue reading “Near Field Communication (NFC)”
Tag Archives: cybersecurity
Wazuh
Setting up Wazuh on Virtual Machine (OVA) User: wazuh-user Password: wazuh In our case it will be https://192.168.29.160 You will get the following web page User: admin Password: admin Setting up an agent on the endpoint. Once you login into the wazuh dashboard you can add agents: On clicking Agents option you will get theContinue reading “Wazuh”
Weekly roundup for August 20 to 26
SEIKO Data Breach The watch manufacturing company Seiko, targeted by the threat group BlackCat/ALPHV who operates as ransomware as a service. On August 10, the company notified its customers about a data breach after they detected unauthorized access to its server. Cloud Host Lost All Data There has been a cyber attack on two cloudContinue reading “Weekly roundup for August 20 to 26”
HackTheBox – Keeper
User Flag Ater adding the target machine in /etc/hosts we conducted a NMAP scan. While accessing the IP over browser we got the following URL. After adding this URL in the /etc/hosts file we tried to access the URL. We tried to brute force the credentials manually and the following credential set worked. root:password UponContinue reading “HackTheBox – Keeper”
HackTheBox – Photobomb
NMAP Scanning Added address in /etc/hosts and open the web page Upon clicking the link it asks for credentials. As we do not have any credentials I got the page below. I tried to view the source code and found the photobomb.js file. After opening that file I got the credentials. Username: pH0t0 Password: b0Mb!Continue reading “HackTheBox – Photobomb”
Domain 1: Security and Risk Management
CIA Triad: IAAA: Accounting: The action owner logs are reviewed for violations Non-repudiation: The action owner cannot deny his/her actions Governance(Not us): Management(Us): Principle: There are 2 types of principles: Standards and Frameworks There are many security frameworks and standards available for security implementation and guidance for any organization. A few examples are Protection MethodsContinue reading “Domain 1: Security and Risk Management”
Common Linux Privilege Escalation
Used room: https://tryhackme.com/room/commonlinuxprivesc Privilege Escalation is a practice. It mainly depends upon configuration done in the system that acts as a weakness to escalate the privileges. These configurations can be of many types. For e.g.: So, today or tonight we will see various methods to do privilege escalation in Linux. Step 1: Enumerate the machineContinue reading “Common Linux Privilege Escalation”
Net Sec Challenge
What is the highest port number being open less than 10,000? 8080 There is an open port outside the common 1000 ports; it is above 10,000. What is it? 10021 How many TCP ports are open? 6 What is the flag hidden in the HTTP server header? THM{web_server_25352} What is the flag hidden in theContinue reading “Net Sec Challenge”
AWS Developer Service
Software developers use tools to accelerate the software development and release cycle. Services: Cloud9 Cloud9 allows you to write code within an integrated development environment (IDE) from within your web browser. Features: Integrated development environment (IDE). Write and debug code. Supports popular programming languages. Cloud9 preconfigures the development environment with the needed SDKs and libraries.Continue reading “AWS Developer Service”
Machine Learning Services
Artificial Intelligence(AI) teaches computers to do things that normally require human intelligence. Some services: Rekognition Rekognition allows you to automate your image and video analysis. Features: Image and video analysis. Identify custom labels in images and videos. Face to text detection in images and videos. Comprehend Comprehend is a natural-language processing (NLP) service that findsContinue reading “Machine Learning Services”
