Cyber Security - الامن السيبراني
9.59K subscribers
823 photos
36 videos
851 files
751 links
سبـارك سكيورتي هي مصدرك الموثوق والرائد في عالم الأمن السيبراني. | Spark Security is your source of security and the leader in the world of cyber security.


EN|AR

بوت التواصل
@Nationofdev_bot.

#cybersecurity
Download Telegram
Team Management: How To Manage Virtual & Hybrid Teams

سعر الكورس 69$

اضغط هنا للانضمام
👏1
يتوقف النشر وذلك بسبب الانشغال ب مشاريع اخرى الى اشعار اخر
#nmap
Nmap (Network Mapper) is a free and open-source tool used for network discovery and security auditing. It can be used to identify hosts and services on a computer network, thus creating a "map" of the network. Nmap can be run on various operating systems, including Windows, Linux, and macOS.

Here is a step-by-step guide on how to use Nmap:

Download and install Nmap on your system. You can download the latest version from the official website: https://nmap.org/download.html

Open a command prompt or terminal window on your system.

To scan a specific host, use the following command syntax: "nmap [hostname/IP address]". This command will scan the specific host and return information about the open ports, services and operating system running on the host.

To scan a range of IP addresses, use the following command syntax: "nmap [start IP address]-[end IP address]". This command will scan all IP addresses within the specified range and return information about open ports, services and operating system running on the host.

To scan all hosts on a subnet, use the following command syntax: "nmap [subnet]/[subnet mask]". This command will scan all IP addresses within the specified subnet and return information about open ports, services and operating system running on the host.

To perform a stealth scan, use the following command syntax: "nmap -sS [hostname/IP address]". This command will perform a scan using a technique called "SYN scan" that is less detectable by firewalls and intrusion detection systems.

To perform a version scan, use the following command syntax: "nmap -sV [hostname/IP address]". This command will scan the specific host and return information about the version number of the services running on the open ports.

To perform a script scan, use the following command syntax: "nmap --script=[script name] [hostname/IP address]". This command will run a specific script against the specified host, the script can be used to perform additional tasks such as vulnerability scanning, brute-force login attempts, etc.

To perform an OS fingerprint scan, use the following command syntax: "nmap -O [hostname/IP address]". This command will scan the specific host and try to identify the operating system running on the host.

To perform a ping scan, use the following command syntax: "nmap -sn [hostname/IP address]". This command will scan the specific host and returns only if the host is online or not, it doesn't return information about open ports or services.

These are just a few examples of the many options available in Nmap. You can find more options and usage examples by running the command "nmap --help" or by visiting the official Nmap documentation page: https://nmap.org/book/man.html

Are there other tools that scan domains for their IP addresses?

Yes, there are other tools that can be used to scan domains for their IP addresses. Some examples include:

Whois: Whois is a command-line tool that can be used to look up information about domain registration, including the IP address of the domain's name servers. You can use the command whois [domain name] to get the information.

dig: dig is a command-line tool that can be used to query the DNS (Domain Name System) to find the IP address of a domain. The syntax is dig [domain name]

host: host is a command-line tool similar to dig, it can be used to query the DNS (Domain Name System) to find the IP address of a domain. The syntax is host [domain name]

Online IP Lookup tools: There are several online tools that can be used to look up the IP address of a domain. Some popular ones include "ip-address.com" and "whatismyip.com".

All these tools are command-line based, but you also can find some graphical tools and websites that allow you to find the IP address of a domain. Some of them are free, and others are paid, you can use the one that fits best with your needs.

It's very important to note that performing scans on networks or systems you don't own or have permission to scan may be illegal, depending on your location and the laws of the jurisdiction.
10 Types of DDoS Attacks
Most DDoS attacks fit into one of three categories: protocol attacks, application layer attacks, or volume-based attacks. There are several different DDoS attack types within each category, some fully automated and some semi-automated. However, the underlying intention remains the same across all of the tactics: to temporarily disrupt or entirely disable the operations of a server or computer network. In this list, we outline and describe the 10 most common types of DDoS attacks.3

1. Packet Flood (SYN/UDP/ICMP/other)
A packet flood is the original and simplest form of DDoS attack types, exploiting basic network traffic protocols to flood a server with millions of redundant requests. Some of the different protocols used in packet flood attacks include SYN, UDP and ICMP, amongst others. Although simple, packet floods remain one of the most used and best DDoS methods available.4

2. Zero-day DDoS Attack
Zero-day attackers exploit errors in code that haven't been discovered or patched by the developers yet. Hackers use these gaps in security to infiltrate systems and launch DDoS attacks.5 Zero-day exploits are not restricted to DDoS attacks. Apple recently patched a zero-day vulnerability in its iOS mobile operating system that was likely being used to unlock stolen phones.6

3. CharGEN Attack
CharGEN is an old, exploitable protocol often found on internet-enabled printers and copiers that can't be patched. Via the CharGEN attack, hackers can access a device and flood the network with UDP requests on port 19.7

4. Protocol Amplification
Much like a CharGEN attack, protocol amplification attacks exploit devices using common public protocols like NTP or SNMP. They spoof an IP address to gain access and, once inside, flood the system with amplified UDP or SYN requests.8

DDoS amplification attacks can also be performed using lesser-known protocols like SSDP, SNMPv2, NetBIOS, QOTD and Memcached. Cybersecurity company CloudFlare recently found that an amplified memcached attack using only 15 bytes could elicit a 750KB response—an amplification of 51,200 times.9

5. Slowloris
Slowloris is a specialized DDoS type that opens multiple connections to a web server by sending partial HTTP requests. Eventually, with too many connections open, the web server can no longer serve legitimate clients and goes offline.10

6. Ping of Death
A Ping of Death scenario exploits a function used by network systems that break down large IP packets into small fragments for Ethernet transmission. By manipulating the size of a fragment, it can create a situation where a reassembled IP packet is larger than the maximum allowed length, causing memory overflow and dropping legitimate packets.11

7. Applications Level attacks
Bad code found in applications that run on web servers can be exploited to take down the entire web server. The popular blogging site WordPress is an example of a site that could be exploited to achieve this. Two types of application-level attacks include HTTP flooding and BGP hijacking.12

8. IP Null
By setting the value of an IPv4 header to zero, hackers can get around security systems that scan Transport Protocols. Send enough of these IP Null packets to a server and it will eventually overload and reboot.13

9. Multi-Vector Attacks
Some hackers make use of multiple different DDoS attack types at the same time to increase the severity of the attack. This is often used when attempting to access a highly secure system where a standard DDoS attack would be detected quickly.14

10. Multiple Fake Session Attacks
Almost all modern cybersecurity systems will quickly detect and take down a standard DDoS attack, so hackers have developed advanced methods to trick security systems. These involve the initiation of multiple fake ACK (acknowledge) sessions within a TCP communication process, followed by RST (reset) and FIN (finish) sessions that generate low TCP-SYN traffic. When used concurrently and en masse, these sessions eventually exhaust the resources of a security network and take the system down.15
2
The above are just a few examples of the many DDoS attack types that hackers are constantly improving upon daily. As more and more companies move the majority of their operations online, cybersecurity is quickly becoming the most critical part of a business
1
Tutorial PHP Object Inheritance

Introduction

In this article we will be creating objects and demonstrating inheritance. If you do not know how to create a class in PHP then this tutorial may not be for you. The base class is sometimes called the super class. In PHP the extend keyword is used to inherit from another class. You can also inherit from a class that is being inherited from another class.




CH : @SparkSecurity
UML
Showing object inheritance in UML is pretty simple, its a line from the base class to the child class, the arrow is an outline and not solid, as pictured below. The Car class is inheriting the base class, Vehicle.



CH : @SparkSecurity
Classes
Our classes will be based on vehicles. The base class will be Vehicle. We can create other classes and inherit the methods/functions of the base class. The above UML is converted into PHP (below) to show how the inheritance works.

Code:
class Vehicle
{
public $color;

function changeColor($c)
{
$this->color = $c;
}
}

class Car extends Vehicle
{
}

The Car class above will automatically have a color variable/attribute. You can use the changeColor method from the base class to set the color of the Car class.




CH : @SparkSecurity
Code:
$car = new Car();
$car->changeColor("red");





CH : @SparkSecurity
Overloading
You can add your own method in the child class to overload the original method in the base class.

Code:
class Car extends Vehicle
{
function changeColor($c)
{
$this->color = "new color, ".$c;
}
}



CH : @SparkSecurity
Sentiment Analysis with NLP using Python and Flask


Click Here
تفاعلو بـ رياكشن خلي اشوف التفاعل .. ❤️

Interact with a reaction, let me see the interaction
4👍1🔥1👏1🆒1
مواقع الالوان:
1. https://colorhunt.co
2. https://klart.io
3. https://color.adobe.com
4. https://webkul.github.io
5. https://pigment.shapefactory.co
6. http://bit.ly/2Jam0Vu

مواقع الصور:
1. https://unsplash.com/
2. https://www.pexels.com/
3. https://pixabay.com/
4. https://stocksnap.io/
5. https://burst.shopify.com/

مواقع الصور بدون خلفية:
1. https://www.kisspng.com
2. http://pngimg.com/
3. https://www.footyrenders.com/
4. https://pngtree.com/

مواقع الفيديوهات
1. https://mixkit.co
2. https://coverr.co
3. https://www.motionplaces.com
4. https://www.videezy.com/

مواقع استلهام
1. https://www.inspirationde.com
2. https://www.designspiration.net
3. https://www.pinterest.com
4. https://dribbble.com

مواقع استلهام لـ الشعارات
1. https://www.logomoose.com
2. https://logopond.com
3. https://www.logolounge.com
4. http://logofaves.com
5. http://www.logotalkz.com
6. http://logospire.com

مواقع استلهام لـ تجربة المُستخدم والتطبيقات

1. https://inspired-ui.com
2. https://www.calltoidea.com
3. https://www.mobile-patterns.com
4. https://www.uplabs.com

مواقع لتحميل الموك اب
1. https://mockupsforfree.com/
2. https://www.mockupworld.co
3. https://graphicburger.com
4. https://zippypixels.com

مواقع لتحميل الملفات
1. https://www.freepik.com
2. https://all-free-download.com
3. https://www.vecteezy.com
4. https://365psd.com

مواقع تحميل الفرش
1. https://www.brushking.eu/
2. https://www.brusheezy.com/brushes
3. https://myphotoshopbrushes.com/
4. https://fbrushes.com/
5. http://gfxfever.com/photoshop-brushes

مواقع لتحميل الأيقونات
1. https://www.flaticon.com
2. https://freeicons.io
3. https://iconstore.co
4. https://www.iconfinder.com
5. https://digitalnomadicons.com
6. https://iconstore.co

مواقع لتحميل الشعارات فيكتور
1. https://seeklogo.com
2. http://logovector.net
3. http://logotypes101.com
4. http://logos-vector.com

مواقع لتحميل الخطوط العربية
1. https://arbfonts.com
2. https://www.fontface.me
3. https://fonts.google.com
4. https://brushez.com

مواقع لتحميل الخطوط الأنجليزية
1. https://www.dafont.com/
2. https://www.1001fonts.com/
3. https://www.fontsquirrel.com/
4. https://www.fontfreak.com/fonts-new.htm
🔥3👏1
Welcome to channel i hope you got good resources and info !
3👏1
تم تعديل المنشور
The post has been modified ❤️
👍2🤯1