Author: Lipson Thomas Philip

Lipson Thomas Philip is a Master's student in Network and Information Security at Griffith College, Limerick. He has done an internship at Cyber Cell, Gurugram, in 2021. His motive is to learn on a daily basis. As somebody said, "Never stop learning". You learn new things knowingly or unknowingly as your life changes day by day.

Penetration testing is one of the more complex topics in the cyber security world. cURL is a simple yet powerful tool. This hidden command-line tool is critical for debugging, modifying, and attacking web applications. When applied skillfully, cURL can bypass Web Application Firewalls (WAFs), test authentication mechanisms, manipulate headers, and perform other advanced tasks. This article delves deep into how penetration testers use cURL to outsmart even the most secure defenses. Understanding cURL: cURL is a command-line utility used to transfer data from a server to a computer system. This tool supports a range of internet protocols, including HTTP, HTTPS,…

If you’re just getting started with ethical hacking or network troubleshooting, Nmap should be one of the first tools you master. Nmap, or Network Mapper, is an open-source, very flexible application used by Linux system and network administrators. It is frequently used for network exploration, security scanning, auditing, and discovering open ports on remote computers. Nmap can detect active hosts, operating systems, packet filters, and open ports on distant computers. In this guide, we’ll walk through 30 practical Nmap commands that you can start using right away — with clear explanations so you understand what each one does. Why 28…

Monitoring and managing disk usage is important for any Linux user, and for Windows and Mac users as well. The traditional du (disk usage) command has long been available. While du is functional, checking disk usage with it is not easy. Now there is a new way to analyze disk usage: a tool known as ncdu. It makes it easy to find the directories or software hogging space. It doesn’t matter if you’re a system admin, developer, or casual user; this tool can save you time and frustration. This article will walk you through what ncdu is, how it works, and…

Introduction Splunk’s power lies in its ability to surface data when and where you need it. However, if your home screen is a mess or your preferences aren’t set, you’re wasting time every time you log in. Setting the right home dashboard and preferences is more than convenience—it’s productivity, clarity, and speed. What is the Home App in Splunk? The Home App is the launchpad users see upon logging into Splunk. By default, it might show a generic welcome screen or a list of apps. But it can be customized to display a specific dashboard tailored to your needs. Think…

According to PGIM, the global data sphere is expected to grow to 2100 zettabytes by 2035. Splunk is a data platform designed to handle large amounts of data for large organizations. There are a few questions we have to answer first: Everyone has the same or similar questions in their mind. The answer is that organizations usually handle billions or trillions of data, which makes it difficult for us to maintain and analyze. Here, software like Splunk comes into the picture. Splunk excels at handling unstructured, semi-structured, and structured data without any issues. It collects, indexes, and enables users to…

Browser extensions are handy. They block ads, save passwords, manage tabs, take screenshots, and do a hundred other things that make browsing better. But behind that convenience lies a major security blind spot. Extensions can – and sometimes do – hack your browser, steal your data, and compromise your privacy. Here’s how it happens, what to watch out for, and how to stay safe. What Are Browser Extensions? Browser extensions are small software add-ons that enhance the functionality of your browser. They can be installed from official marketplaces like the Chrome Web Store or Mozilla’s Add-ons site. Some are built…

Volatility 3 is an essential memory forensics framework for analyzing memory dumps from Windows, Linux, and macOS systems. One of its main strengths is process and thread analysis, which can detect hidden, injected, or manipulated processes and threads used by malware. This article breaks down the core plugins and techniques used in Volatility 3 to analyze processes and threads and how they can be leveraged to detect malicious activity. What to Look for in Processes? Processes are among the most critical artifacts to examine when analyzing memory dumps. Malware hides by manipulating process structures, injecting code, or running under…

Analyzing a memory dump (memory dump analysis) can feel like peering into the soul of a system. It reveals everything the system was doing when the snapshot was taken. Understanding memory dumps is valuable if you’re a digital forensics professional, malware analyst, or cybersecurity student. Volatility 3 is one of the most essential tools for memory analysis. This article walks you through the first steps using Volatility 3, including basic commands and plugins like imageinfo, pslist, and more. Starting with a Memory Dump: Before digging into plugins, make sure you have a valid memory dump and Volatility3 loaded. Volatility3…

Description of the machine: Deathnote is an easy-level virtual machine available on Vulnhub, designed to help beginners enhance their skills. This walkthrough will guide you through each step to exploit the machine and achieve root access. The machine is inspired by the Japanese manga series “DeathNote”. Note: According to HWKDS (the author), this VM works better in VirtualBox than VMware. However, this guide performed the walkthrough in VMware. If you find any problems, refer to the “Common Fixes & Troubleshoot section”. Machine Information: Name: Deathnote; Release Date: 4 September 2021; Created By: HWKDS; Series: Deathnote; File Size: 658 MB; Format: Virtual Machine (OVA); Operating System: Linux; DHCP Service: Enabled; IP Address: Automatically Assign. Note: The root is disabled…

Volatility 3 is a robust open-source memory forensics framework written in Python. Built from the ground up to replace its predecessor, Volatility2, it takes advantage of modern Python language practices and modular architecture. This article breaks down its internal architecture, explaining its core components, the role of plugins, and how its design benefits both analysts and developers. Volatility 3 Architecture Overview: At its core, the Volatility 3 architecture is built on a clean, object-oriented design that separates concerns into discrete components. This modularity is one of the main architectural improvements over Volatility2. The system is structured around three primary building blocks: 1.…
