Sep 17, 2022

Some Mitigation Against Phishing and MITM

Regular phishing awareness should be done in the organization. Regular 2FA/MFA hacking awareness should be done in the organization. The Phishing campaign should be run internally in the organization to check the employee’s awareness. Reward the employees if they successfully pass the phishing internal check. So that all other employees…

Cybersecurity

1 min read

Cybersecurity

1 min read

Some Mitigation Against Phishing and MITM

Regular phishing awareness should be done in the organization.
Regular 2FA/MFA hacking awareness should be done in the organization.
The Phishing campaign should be run internally in the organization to check the employee’s awareness.
Reward the employees if they successfully pass the phishing internal check. So that all other employees…

Aug 28, 2022

Run Terminal Binaries in Burp: BurpBinaryRunner — (My 2nd Burp Extension in Jython)

This tool is used to run binaries through Burp, tools like SSLscan, Nmap, FFUF, etc. The binaries that give the output on the terminal can be used in this Burp extension. I am not sure if this Burp extender will make your life easy or not. I just made it…

Burpsuite

1 min read

Run Terminal Binaries in Burp: BurpBinaryRunner — (My 2nd Burp Extension in Jython)

Burpsuite

1 min read

Run Terminal Binaries in Burp: BurpBinaryRunner — (My 2nd Burp Extension in Jython)

This tool is used to run binaries through Burp, tools like SSLscan, Nmap, FFUF, etc. The binaries that give the output on the terminal can be used in this Burp extension.

I am not sure if this Burp extender will make your life easy or not. I just made it…

Aug 27, 2022

Why the Older & Vulnerable Version in use Vulnerability should be of HIGH severity

ATM Hack ATM is a jackpot for criminals, it is a metal box that contains lots of cash. ATM is just a computer often a windows computer with an input device like a touch screen and buttons. It also has cassettes which hold lots of cash. In older days and in today’s…

Cybersecurity

2 min read

Why the Older & Vulnerable Version in use Vulnerability should be of HIGH severity

Cybersecurity

2 min read

Aug 13, 2022

My First Burp Extension | Enable Tor Proxy By Burp

Hello Everyone, Finally, after one week of work, I learned many new things in Jython as well as in Java. When you will see the functionality of this Burp extension, it looks like it needs only one day of development, but for me, it took 1 week because I had…

Burpsuite

1 min read

My First Burp Extension | Enable Tor Proxy By Burp

Burpsuite

1 min read

Aug 3, 2022

What are serialization and deserialization? | What is insecure deserialization?

What is serialization? Serialization is the process of converting the state of an object into byte streams to save into the file. Why do we need Serialization? Let’s take an example of a computer game, when we start the game we get the option to resume it. Now think about, how it’s possible that the game starts from…

Insecure Deserialization

2 min read

Insecure Deserialization

2 min read

Jul 31, 2022

What is salting in cryptography? | Why do we need salting when saving passwords in the database? (Simple Explanation)

Salting is the concept of adding random data in the plaintext data (Example: Password) and then creating the hash of that combination this is called salting. By doing this, even if you are using the same plain text, it is possible to get different hashes.

Salting

1 min read

Salting

1 min read

What is salting in cryptography? | Why do we need salting when saving passwords in the database? (Simple Explanation)

Jul 14, 2022

Is your webcam exposed on the internet and everyone enjoying your personal moments? | How to check webcam or security camera is exposed on the internet or not?

Nowadays we start using many technology devices in our homes. Many people are installing CCTV or security cameras in their houses, private rooms, offices, private places, etc for security purposes and monitoring, but many of them don’t know how to configure that device securely. So let’s talk about CCTV…

Webcam

2 min read

Webcam

2 min read

Jul 12, 2022

Fake Traffic By Proxy | Use proxy to send requests to the server | Send traffic from multiple free proxy

There are many ways to achieve this, one of the ways is here. I want a tool that sends requests to my website, but from different proxies. So I searched for some tools, but I faced the integration issue because I want to automate the whole process. That’s the reason I have created my own tool. I learned a new concept of proxies.

2 min read

Fake Traffic By Proxy | Use proxy to send requests to the server | Send traffic from multiple free…

2 min read

Fake Traffic By Proxy | Use proxy to send requests to the server | Send traffic from multiple free proxy

There are many ways to achieve this, one of the ways is here.

I want a tool that sends requests to my website, but from different proxies. So I searched for some tools, but I faced the integration issue because I want to automate the whole process. That’s the reason I have created my own tool. I learned a new concept of proxies.

Jul 10, 2022

JWT Vulnerabilities List (Simple Explanation)

JWT vulnerabilities: Tamper without modifying anything Modify algorithm to none Bruteforce weak signing key Privilege Escalation by JWK header injection (RS256 or asymmetric hashing algorithm attack) Privilege Escalation by JKU header injection (RS256 or asymmetric hashing algorithm attack) The exploitation of kid header in JWT (Directory Traversal and command Injection)…

Jwt

2 min read

JWT Vulnerabilities List (Simple Explanation)

Jwt

2 min read

Jun 23, 2022

What is JWT - JSON Web Tokens (Simple Explanation)

What is JWT? JWT token is a base64url encoded string that is used to transmit the information between server and client. JWT token mostly contains the user information which is used for authorization. JWT token can be sent through a URL, POST parameter, and HTTP header. The information that is sent…

Jwt

6 min read

What is JWT - JSON Web Tokens (Simple Explanation)

Jwt

6 min read