Wednesday , August 22 2018

December, 2017

  • 15 December

    Authentication (Single Factor) and Authorization

    Authentication (Single Factor) and Multifactor Authorization

    Authentication (Single Factor) and Authorization: The most basic form of authentication is known as single-factor authentication (SFA), because only one type of authentication is checked. SFA is most often implemented as the traditional username/password combination. A username and password are unique identifiers for a logon process. Here’s a synopsis for …

  • 14 December

    VPNs and VPN Concentrators

    VPNs and VPN Concentrators

    VPNs and VPN Concentrators: A virtual private network (VPN) is a private network connection that occurs through a public networks. A private network provides security over an otherwise unsecure environment. VPNs can be used to connect LANs together across the Internet or other public networks. With a VPN, the remote …

  • 13 December

    SQL: Bypassing Authentication

    SQL: Bypassing Authentication

    We can now construct a valid SQL statement that will execute gracefully and retrieve information that we have no rights to retrieve. Bypassing Authentication We know we are dealing with a string column because of the quotes being applied to our input, so we can either the 1=1 or ‘a’=’a …

  • 12 December

    UNDERSTANDING CYBER SECURITY – Download Free Hacking Books

    UNDERSTANDING CYBER SECURITY - Download Free Hacking Books

    UNDERSTANDING CYBER SECURITY – Download Free Hacking Books 1.Backgrounding- A. networking technologies (e.g., hardware, infrastructure) web technologies (e.g., web 2.0, skype) systems technologies communication protocols malware operations mobile technologies (e.g., smart phones) telecommunication technologies backups and archiving (e.g., local, network)   2.Analysis/Assessment- A. data analysis systems analysis risk assessments technical …

  • 11 December

    SQL INJECTION ATTACKS: Finding the Vulnerability

    SQL INJECTION ATTACKS: Finding the Vulnerability

    SQL Injection Attacks: Now that we have the basics of SQL injection down, let’s use our DVWA environment to try it out on a vulnerable page. We have a couple of goals for this section: Crash the application to prove that our input dictates the applications behavior. Retrieve usernames from …

  • 10 December

    The SQL Interpreter

    The SQL Interpreter

    SQL Interpreter: One of the main aspects of this vulnerability that you must understand is that it leverages an SQL interpreter. An interpreter takes input and acts on it immediately without having to go through traditional programming processes such as linking, compiling, debugging, and running. For example, an SQL interpreter …

  • 9 December

    SQL for Hackers: Learn How Useful SQL

    SQL for Hackers

    SQL for Hackers: Learn How Useful SQL : As an attacker, it is critical to gain an understanding on how this query is constructed and what exact parts of the query you are in control of. The query is broken out into three distinct parts. SELECT * FROM shoes WHERE …

  • 8 December

    USING NMAP TO PERFORM NULL SCANS

    USING NMAP TO PERFORM NULL SCANS

    USING NMAP TO PERFORM NULL SCANS: Null scans, Xmas tree scans, are probes made with packets that violate traditional TCP communication. In many ways, the null scan is the exact opposite of a Xmas tree scan because the null scan utilizes packets that are devoid of any flags (completely empty). …

  • 7 December

    Measuring Internet Marketing Programs

    Measuring Internet Marketing Programs

    Measuring Internet Marketing Programs: Measuring the success of Internet marketing programs involves tracking the actions web visitors take and converting these actions into values that can be used to determine and compare performance. Some of the common measurements include the number of page hits, page views, ad impressions, click through …

  • 6 December

    NMAP SCRIPTING ENGINE: FROM CATERPILLAR TO BUTTERFLY

    THE NMAP SCRIPTING ENGINE: FROM CATERPILLAR TO BUTTERFLY

    THE NMAP SCRIPTING ENGINE: FROM CATERPILLAR TO BUTTERFLY: Make no mistake. Nmap is an awesome tool. It is mature, robust, well documented, and supported by an active community. However, the NSE provides Nmap with an entirely new skill set and dimension. The NSE is a powerful addition to the classic …