HTTP security headers are one of the most essential parts of any website. The first thing the server sends in response to the user is a set of HTTP headers, which define whether the website is safe or not for the user. What is the header? A header is a section of a document, data packet, or message that carries crucial information in addition to the data itself. The header’s contents differ from document to document. The header contains metadata, which means data about data. Headers are seen in any type of file such as email, HTML document, software, and even in word or…
Author: Lipson Thomas Philip
What is DirBuster? DirBuster is a content discovery application available in the Kali Linux and Parrot OS repositories. DirBuster was created by the OWASP Foundation and is managed by Kali Developers. It is widely used to brute-force and extract juicy lists of directories and files. This tool is written in the Java programming language. It is multithreaded, which lets users extract directories and files faster or slower. We will provide you with an overview of the tool and its fundamental functionalities in this post. How to download DirBuster in Linux? DirBuster comes preinstalled in both Kali Linux and Parrot Security…
Nmap, or Network Mapper, is an open-source security auditing and network scanning program created by Gordon Lyon. It is built in such a way that it can quickly diagnose massive networks and single hosts. Network managers often use it to identify: What is Nmap? Nmap, which stands for Network Mapper, is a free, open-source application for network discovery and vulnerability detection. Network administrators use Nmap to determine: Network administrators may use this tool to monitor single hosts and large networks with hundreds of thousands of devices and subnets. Though it has grown and become incredibly versatile over the years, at its core,…
When it comes to cybersecurity, most of us are self-taught and learn on our own. But when we get a job in any company, we have to work in teams. Teams in cybersecurity are different from those in other fields such as Data Science, Artificial Intelligence, etc., because in cybersecurity there are numerous teams, each with its own objectives and responsibilities. This article will discuss how the red team differs from the blue team. Two important teams are the Red team and the Blue team. There are three types of teams in cybersecurity: There are more teams than the three above, but this depends…
What is a race condition? A race condition is an undesirable situation that arises when a device or system seeks to conduct two or more operations simultaneously, even though the nature of the device or system requires the activities to be performed in the proper sequence. Race conditions arise when two processes, or threads of software programs, attempt to access the same resource simultaneously, causing system problems. Race conditions are a prevalent problem in multithreaded programs. Race condition vulnerabilities occur in both web applications and mobile applications. What is a race condition vulnerability? Race condition attacks are also known as Time of…
The Raven 1 VulnHub machine is a boot2root machine for beginners and intermediates. There are four flags to look for and two suggested methods of gaining root.
What is Cross-site scripting (XSS)? Cross-Site Scripting (XSS) attacks are a type of injection attack that introduces malicious code into online applications. An attacker will exploit a vulnerability in a target online application to deliver malicious code to an end-user, most typically client-side JavaScript. XSS attacks target the application’s users directly rather than the application’s host. Organizations and businesses that deploy web apps risk exposing themselves to cross-site scripting attacks if they show material from users or untrusted sources without sufficient escaping or validation. For a long time, cross-site scripting vulnerabilities have been one of the OWASP Top 10 security…
What is the clear command? The clear command is a basic Unix operating system command for clearing the terminal screen. This command first searches the environment for a terminal type, then consults the terminfo database for information on how to clear the screen. Besides that, any command-line options that may be present will be ignored by this command. Furthermore, this command does not accept any arguments. This command was developed by the Computer Systems Research Group. Why is the clear command used? To get tasks done in Linux, every user should know all the commands of Linux. And this command is one of…
What is the whoami command? The whoami command displays the user name that corresponds to the user ID. In other words, it shows the current or logged-in user’s username. Any user can use the command in most UNIX-like operating systems. It is also available on Microsoft Windows since Windows Server 2003. Its name is a concatenation of the words “Who am I?”, and when invoked it outputs the effective username of the current user. whoami is a cross-platform command used in every type of operating system. This command was developed by Bill Joy, Richard Mlynarik, Intel, Microsoft, ReactOS Contributors, Novell. How to use the…
CIA Triad: The CIA Triangle or CIA Triad is one of the most prominent models for guiding information security policy in any organization. CIA is the most basic model used in Network Security. Its principles should serve as goals and objectives for all security programs. The CIA triad is so fundamental to information security that when data is exposed, you can be sure that one or more of these principles has been broken. When a cyberattack happens to any organization or a user falls victim to phishing, you can be sure that one or more of these principles has been violated. The CIA…