What is the subfinder tool? Subfinder is used to discover or extract the subdomains of any website. Subfinder is developed and managed by Project Discovery. It uses passive online sources to locate good subdomains for websites. These passive online sources include Censys, Chaos, Recon.dev, Shodan, Spyse, Virustotal, and many others. This tool is designed to do passive subdomain enumeration, and it does it exceptionally well. It was projected to be a successor to the sublist3r tool. Project Discovery created a subdomain finder tool to integrate all passive source licenses and usage limitations. It maintains a consistently passive…
Author: Lipson Thomas Philip
The most essential part of any website is its HTTP security headers. The first thing the server sends in response to the user is the HTTP headers, which define whether the website is safe or not for the user. What is the header? A header is a section of a document, data packet, or message that carries crucial information in addition to the data itself. The header’s contents differ from document to document. The header contains metadata, which means data about data. Headers are seen in any type of file, such as emails, HTML documents, software, and even in word or…
What is DirBuster? DirBuster is a content discovery application within the Kali Linux and Parrot OS repositories. DirBuster was created by the OWASP Foundation and is managed by Kali Developers. It is widely used to brute-force and extract juicy lists of directories and files. This tool is written in the Java programming language. It uses multi-thread functionality, which gives users the advantage of extracting directories and files faster or slower. We will provide you with an overview of the tool and its fundamental functionalities in this post. How to download DirBuster in Linux? DirBuster comes preinstalled in both Kali Linux and Parrot Security…
Nmap, or Network Mapper, is a free and open-source security auditing tool. It was created by Gordon Lyon. Nmap is built to quickly diagnose both massive networks and single hosts. In simple words, it is a port scanner used by many cybersecurity experts. Network administrators use Nmap to determine: Nmap is a command-line tool, and for a graphical user interface, we can use Zenmap. What is Nmap? Nmap stands for Network Mapper, a free network discovery and vulnerability scanning tool. Network administrators may use this tool to monitor single hosts and large networks with hundreds of thousands of devices and subnets.…
When we hear about cybersecurity, we all learn it self-taught and on our own. But when we get a job in any company, we have to work in teams. Teams in cybersecurity are different from those in other fields such as Data Science, Artificial Intelligence, etc., because in cybersecurity there are numerous teams, each with different objectives and responsibilities. This article will discuss how the red team differs from the blue team. Two important teams are the Red team and the Blue team. There are three types of teams in cybersecurity: There are more teams than the three above, but this depends…
What is a race condition? A race condition is an undesirable situation that arises when a device or system seeks to conduct two or more operations simultaneously, even though, depending upon the nature of the device or system, the activities must still be performed in the proper sequence. Race conditions arise when two processes, or threads of software programs, attempt to access the same resource simultaneously, causing system problems. Race conditions are a prevalent problem in multithreaded programs. Race condition vulnerabilities occur in both web applications and mobile applications. What is a race condition vulnerability? Race condition attacks are also known as Time of…
The Raven 1 VulnHub machine is a boot2root machine for beginners and intermediates. There are four flags to look for and two suggested methods of gaining root.
What is Cross-site scripting (XSS)? Cross-Site Scripting (XSS) attacks are injection attacks that introduce malicious code into online applications. An attacker will exploit a vulnerability in a target online application to deliver malicious code to an end-user, most typically client-side JavaScript. XSS attacks target the application’s users directly rather than the application’s host. Organizations and businesses that deploy web apps risk exposing themselves to cross-site scripting attacks if they show material from users or untrusted sources without sufficient escaping or validation. For a long time, cross-site scripting vulnerabilities have been one of the OWASP Top 10 security…
What is the clear command? The clear command is a basic Unix operating system command for clearing the terminal screen. This command first searches the environment for a terminal type, then explores the terminfo database for information on clearing the screen. Besides that, any command-line options that may be present will be ignored by this command. Furthermore, this command does not accept any arguments. This command was developed by the Computer Systems Research Group. Why is the clear command used? To do the task in Linux, every user should know all the commands of Linux. And this command is one of…
The whoami command is one of the most basic yet powerful tools available in various operating systems, including Linux, Unix, and Windows. It displays the username of the currently logged-in user. Although it seems simple, it is essential for tasks ranging from scripting and automation to security and troubleshooting. Understanding this command is critical for system administrators, developers, and anybody dealing with multi-user environments. This article will explain everything you need to know about the whoami command, from its fundamental syntax to sophisticated use situations. Whether you’re a new or veteran user, it will help you realize the full potential…
