Steghide is one of the best tools for steganography. It was created by Stefan Hetzl in 2003. Steghide is used to hide or embed files in images and audio. It uses a passphrase (any kind of password) to embed and extract private files. The tool is easy to use, beginner-friendly, and configurable. Best of all, it is available for both Linux and Windows. Steghide supports various input formats for the cover file, such as PNG, JPG, JPEG, and BMP for images and AU and WAV for audio. An image or audio…
Author: Lipson Thomas Philip
What Is Steganography? Steganography is the art of hiding information in images, audio, or videos. It is used by black hat hackers or criminals to communicate with each other without being noticed by government agencies. Black hat hackers use this technique to hide malicious payloads, ransomware, or viruses on the Internet. For example, an attacker used the LSB method to hide ransomware or malware in cracked software and released it on the Internet. When someone downloads that software and installs it, the ransomware is automatically triggered to run in the background after installation. All the files will be encrypted,…
What is the Blackbird tool? The Blackbird tool was created by p1ngul1n0. The primary purpose of this OSINT tool is to find all the social accounts from 120 social media websites. According to the creator, this tool scans 120 different websites. It is written in Python and is very useful for OSINT. How to install the Blackbird tool? The only way to download the files of the Blackbird tool is with the git clone command. Note: Sometimes, it asks to be a root or sudo user to run the tool. The required files to install the tool are now downloaded…
What is the SemiAutoRecon tool? SemiAutoRecon is a multi-threaded network reconnaissance tool. It is used for semi-automated service enumeration. The features of this tool are all very customizable. It is meant to be used as a time-saving tool in CTFs and other penetration testing scenarios (for example, the OSCP exam). It is most emphatically useless in real-world interactions. This fantastic tool was created by Tib3rius, and it is the successor of the autorecon tool. Why use the SemiAutoRecon tool? SemiAutoRecon was inspired by three tools used during the OSCP labs by the author: Reconnoitre, ReconScan, and bscan. While all three…
What is the subfinder tool? Subfinder is used to discover or extract the subdomains of any website. Subfinder is developed and managed by Project Discovery. It uses passive online sources to locate good subdomains for websites. These sources include Censys, Chaos, Recon.dev, Shodan, Spyse, Virustotal, and many others. This tool is designed to do passive subdomain enumeration, and it does it exceptionally well. It was intended to be a successor to the sublist3r tool. Project Discovery created a subdomain finder tool to integrate all passive source licenses and usage limitations. It maintains a consistently passive…
The most essential part of any website is its HTTP security headers. The first thing the server sends in response to the user is the HTTP headers, which define whether the website is safe or not for the user. What is the header? A header is a section of a document, data packet, or message that carries crucial information in addition to the data itself. The header’s contents differ from document to document. The header contains metadata, which means data about data. Headers are seen in any type of file such as email, HTML document, software, and even in word or…
What is DirBuster? DirBuster is a content discovery application within the Kali Linux and Parrot OS repository. DirBuster was created by the OWASP Foundation and is managed by Kali Developers. It is widely used to brute-force and extract juicy lists of directories and files. This tool is written in the Java programming language. It uses multi-thread functionality, which gives users the advantage of extracting directories and files faster or slower. We will provide you with an overview of the tool and its fundamental functionalities in this post. How to download DirBuster in Linux? DirBuster comes preinstalled in both Kali Linux and Parrot Security…
Nmap, or Network Mapper, is an open-source security auditing and network scanning program created by Gordon Lyon. It is built in such a way that it can quickly diagnose massive networks and single hosts. Network managers often use it to identify: What is Nmap? Nmap, which stands for Network Mapper, is a free and open-source network discovery and vulnerability detection application. Network administrators use Nmap to determine: Network administrators may use this tool to monitor single hosts and large networks with hundreds of thousands of devices and subnets. Though it has grown and become incredibly versatile over the years, at its core,…
When it comes to cybersecurity, we all learn on our own, self-taught. But when we get a job in any company, we have to work in teams. Teams in cybersecurity are different from those in other fields such as Data Science, Artificial Intelligence, etc., because in cybersecurity there are numerous teams, each with different objectives and responsibilities. This article will discuss how the red team differs from the blue team. Two important teams are the Red team and Blue team. There are three types of teams in cybersecurity: There are more teams than the three above, but this depends…
What is a race condition? A race condition is an undesirable situation that arises when a device or system attempts to perform two or more operations simultaneously, even though, given the nature of the device or system, the operations must be performed in the proper sequence. Race conditions arise when two processes, or threads of software programs, attempt to access the same resource simultaneously, causing system problems. They are a prevalent problem in multithreaded programs. Race condition vulnerabilities occur in both web applications and mobile applications. What is a race condition vulnerability? Race condition attacks are also known as Time of…