What is the highest port number being open less than 10,000? 8080 There is an open port outside the common 1000 ports; it is above 10,000. What is it? 10021 How many TCP ports are open? 6 What is the flag hidden in the HTTP server header? THM{web_server_25352} What is the flag hidden in theContinue reading “Net Sec Challenge”
Tag Archives: cybersecurity
AWS Developer Service
Software developers use tools to accelerate the software development and release cycle. Services: Cloud9 Cloud9 allows you to write code within an integrated development environment (IDE) from within your web browser. Features: Integrated development environment (IDE). Write and debug code. Supports popular programming languages. Cloud9 preconfigures the development environment with the needed SDKs and libraries.Continue reading “AWS Developer Service”
Machine Learning Services
Artificial Intelligence(AI) teaches computers to do things that normally require human intelligence. Some services: Rekognition Rekognition allows you to automate your image and video analysis. Features: Image and video analysis. Identify custom labels in images and videos. Face to text detection in images and videos. Comprehend Comprehend is a natural-language processing (NLP) service that findsContinue reading “Machine Learning Services”
AWS Database Services
Amazon Relational Database Service (RDS) RDS is a service that makes it easy to launch and manage relational databases. Features: Supports popular database engines. Offers high availability and fault tolerance using multi-AZ deployment. AWS manages the database with automatic software patching, automated backups, operating system maintenance, and more. Launch read replicas across Regions in orderContinue reading “AWS Database Services”
Content Delivery Service(CDN)
A CDN mechanism is used to deliver content quickly and efficiently based on geographic location. Note: Latency means the time it takes to respond to a request. Low latency is good! Amazon CloudFront CloudFront is a CDN that delivers data and applications globally with low latency. Features: Makes connections available globally or restricts them basedContinue reading “Content Delivery Service(CDN)”
AWS Introduction
Hey, I have just started learning about the AWS cloud service. During, my whole learning period I will be going to upload my notes or learnings over these blogs for others too. Traditional IT Approach How websites work We have a server that is hosted somewhere and the client uses a web browser to getContinue reading “AWS Introduction”
Cross-site Scripting
It is an injection attack where malicious JavaScript gets injected into a web application with the intention of being executed by other users. Types of XSS Reflected XSS Stored XSS DOM based XSS Blind XSS Reflected XSS Reflected XSS happens when user-supplied data in an HTTP request is included in the webpage source without anyContinue reading “Cross-site Scripting”
Understanding Log4j
What is Log4j? Log4j is a java package mostly a part of the Apache Logging utility used to capture logs. Everything you do on the internet becomes an event that gets captured in a form of a log. Even your inputs also get captured in logs. Your application is vulnerable if it logs a user’sContinue reading “Understanding Log4j”
John The Ripper
John the Ripper is one of the most well known and efficient hash cracking tool. It is a fast in cracking, with an extraordinary range of compatible hash types. What is Hash? A hash is basically a fingerprint of any piece of data. The process of hashing is irreversible i.e. information once converted into aContinue reading “John The Ripper”
Love HackTheBox Walkthrough
Steps followed: Recon – NMAP Directory Busting – GOBUSTER Sensitive data exposure File Upload Vulnerability Shell Upload Reverse TCP exploit Always_Install_Elevated exploit For simplicity I stored IP address of web application in a variable Using NMAP for the machine port scan VIA NMAP I found OS: Windows, some open ports and URL i.e. staging.love.htb NextContinue reading “Love HackTheBox Walkthrough”
