Home
s4yhii's Blog
Cancel

Broken Authentication Labs

Vulnerabilities in password-based login Username enumeration via different responses With Burp running, investigate the login page and submit an invalid username and password. In Burp, go to P...

Attacking Json Web Tokens

Some acronyms: JOSE: Javascript Object Signing and Encryption The name of the working group JWT: JSON Web TOKEN JWE: JSON Web Encryption JWS: JSON Web Signature ...

Microsoft Azure Fundamentals (AZ-900) Notes

Cloud Concepts Benefits of cloud computing Scalability: ability to accommodate a larger load by making the hardware stronger(vertical), or by adding nodes (horizontal) Elasticity: once a system ...

Cross-site scripting (XSS)

Cross-site scripting known as XSS is a web vulnerability in which malicious scripts are injected int benign and trusted websites. XSS occur when an attacker send malicious code in any user input fi...

Docker Cheatsheet

“With Docker, developers can build any app in any language using any toolchain. “Dockerized” apps are completely portable and can run anywhere - colleagues” OS X and Windows laptops, QA servers run...

SQL Injection - Labs

Lab 1 - SQL injection vulnerability in WHERE clause allowing retrieval of hidden data We need to retrieve hidden data so we search query’s in the web where we can inject some sql injection payloads...

SQL Injection

A SQL injection is an attack in which the attacker executes arbitrary SQL commands on an application’s database by supplying malicious input inserted into a SQL statement. This happens when the inp...

Vulnerability Management with Nessus in AWS

Introduction In this tutorial we will cover vulnerability scanning and vulnerability remediation. These are two of the main steps in the Vulnerability Management Lifecycle. We will be using Nessus...

AWS Certified Cloud Practicioner Notes

Cloud computing and IAM Types of Cloud Computing Infrastructure as a Service (IaaS) Provide building blocks for cloud IT Provide networking, computers, data storage space Highest level of...

Cloud Resume Challenge

Cloud Resume Challenge Setup AWS Create your aws account Setup MFA for your roor account Create an IAM user Assign permission (Principle of Least privilege) Setup Vault (https://github.com/99...