Cross Site Scripting (XSS): it allows attacker to compromise interaction between user and the application. It works by manipulating vulnerable website so that it returns malicious Java Script to users.
TYPES OF XSS
1. Reflected XSS: arrives malicious script comes from the current HTTP request means it only affects the user that is interacted.
2. Stored XSS: malicious script comes from the website's database(later HTTP request).
3. DOM based XSS: when an application contains some client-side Java Script that process data from untrusted source.
TYPES OF XSS
1. Reflected XSS: arrives malicious script comes from the current HTTP request means it only affects the user that is interacted.
2. Stored XSS: malicious script comes from the website's database(later HTTP request).
3. DOM based XSS: when an application contains some client-side Java Script that process data from untrusted source.
👍12
🚨 XSS Challenge Follow-Up 🚨
Building on the last post about XSS, here's a quick challenge for you!
Analyze the following code snippet and comment below:
1️⃣ What makes this code vulnerable to XSS?
2️⃣ Which type of XSS attack could exploit this vulnerability?
Let’s see who can break it down! 💻🔥
---
#bunabyte #XSS
Building on the last post about XSS, here's a quick challenge for you!
Analyze the following code snippet and comment below:
1️⃣ What makes this code vulnerable to XSS?
2️⃣ Which type of XSS attack could exploit this vulnerability?
<?php
$search_query = $_GET['q'];
echo "<p>You searched for: $search_query</p>";
?>
Let’s see who can break it down! 💻🔥
---
#bunabyte #XSS
👍10🤷♂3
what is the reason hackers keep putting this music in ctf challenges 😅
https://youtu.be/dQw4w9WgXcQ?si=lNf0Yn7rSGVW7sFp
https://youtu.be/dQw4w9WgXcQ?si=lNf0Yn7rSGVW7sFp
YouTube
Rick Astley - Never Gonna Give You Up (Official Video) (4K Remaster)
The official video for “Never Gonna Give You Up” by Rick Astley.
Never: The Autobiography 📚 OUT NOW!
Follow this link to get your copy and listen to Rick’s ‘Never’ playlist ❤️ #RickAstleyNever
https://linktr.ee/rickastleynever
“Never Gonna Give You Up”…
Never: The Autobiography 📚 OUT NOW!
Follow this link to get your copy and listen to Rick’s ‘Never’ playlist ❤️ #RickAstleyNever
https://linktr.ee/rickastleynever
“Never Gonna Give You Up”…
😁11🤨1👀1
Cybersecurity isn’t just about tools—it’s about mindset. Every ethical hacker starts as a beginner, questioning how things work and why. Don’t rush mastery; focus on understanding the basics deeply. Learn protocols, practice in labs, and embrace failure—it’s the best teacher. Remember, ethical hacking is about protecting, not exploiting. 🌐💻
#bunabyte #IEH
#bunabyte #IEH
👍20
Buna Byte Cybersecurity
Photo
🎉 Day 24 Complete: TryHackMe Advent of Cyber! 🎉
I realized I hadn’t shared this here, so here it is! I recently completed Day 24 of the TryHackMe Advent of Cyber, a journey packed with challenges in Blue Teaming, Red Teaming, and Cloud Security. At first, I thought it wouldn’t make a big difference, but these challenges truly sharpen your skills and broaden your perspective.
On another note, I’ve started a TryHackMe walkthrough video series! I’ve already done Day 1, and for the rest, it’s over to you to take it as a challenge and grow your skills. Practical learning is the key to mastering cybersecurity!
I realized I hadn’t shared this here, so here it is! I recently completed Day 24 of the TryHackMe Advent of Cyber, a journey packed with challenges in Blue Teaming, Red Teaming, and Cloud Security. At first, I thought it wouldn’t make a big difference, but these challenges truly sharpen your skills and broaden your perspective.
On another note, I’ve started a TryHackMe walkthrough video series! I’ve already done Day 1, and for the rest, it’s over to you to take it as a challenge and grow your skills. Practical learning is the key to mastering cybersecurity!
🎉11🔥2
በ2025 ጠለፋ(Hacking) የሚማሩባቸው 10 ነፃ ድረ-ገጾች በነጻ የሚያስተምሩት ።
1. Hack The Box (HTB): https://www.hackthebox.com
2. TryHackMe (THM): https://www.tryhackme.com
3. PicoCTF: https://picoctf.org
4. PortSwigger’s Web Security Academy: https://portswigger.net/web-security
5. Hacker101: https://www.hacker101.com
6. VulnHub: https://www.vulnhub.com
7. OverTheWire: https://overthewire.org
8. CTFtime: https://ctftime.org
9. Cyber Talents: https://cybertalents.com
10. Root Me: https://www.root-me.org
#BBCS #learnhacking
1. Hack The Box (HTB): https://www.hackthebox.com
2. TryHackMe (THM): https://www.tryhackme.com
3. PicoCTF: https://picoctf.org
4. PortSwigger’s Web Security Academy: https://portswigger.net/web-security
5. Hacker101: https://www.hacker101.com
6. VulnHub: https://www.vulnhub.com
7. OverTheWire: https://overthewire.org
8. CTFtime: https://ctftime.org
9. Cyber Talents: https://cybertalents.com
10. Root Me: https://www.root-me.org
#BBCS #learnhacking
3👍11
ለመሰልጠን ካሰቡ እኛ ጋር ይምጡ
የ5 ሚሊዮን ኢትዮጵያውያን ኮደርስ ኢንሼቲቪ ስልጠናዎችን ለመሰልጠን አስበዋል? እንግዲያውስ እኛ ጋር ይምጡ!
ስልጠናዎቹን ለመውሰድ የሚያስችልዎትን፡
• ምቹ ቦታ
• ከኮምፒውተር እና ኢንተርኔት አቅርቦት ጋር አዘጋጅተን እንጠብቅዎታለን፡፡
ይፍጠኑ!! የእድሉ ተጠቃሚ ለመሆን ይመዝገቡ!
የኢንፎርሜሽን መረብ ደህንነት አስተዳደር በአዲስ አበባ እና አካባቢዋ ለሚገኙ የአንደኛና ሁለተኛ ደረጃ እንዲሁም የዩኒቨርሲቲ ተማሪዎች፣ የመንግስትና የግል ሰራተኞች፣ በአጠቃላይ ለሁሉም ዜጎች የ5 ሚሊዮን ኢትዮጵያውያን ኮደርስ ኢንሼቲቪ ስልጠናዎችን ለመሰልጠን የሚያስችላቸውን ምቹ ሁኔታ በአስተዳደሩ የሳይበር ልሕቀት ማዕከል አመቻችቷል፡፡ ስልጠናው ከጥር 3/2017 ዓ.ም ጀምሮ ሁልጊዜ በሳምንቱ የእረፍት ቀናት (ቅዳሜና እሁድ) ይሰጣል፡፡
የስልጠና ቀናት
• ቅዳሜ እና እሁድ
• ሰአት፡ ከጠዋቱ 2፡30 እስከ አመሻሽ 11፡30
• ቦታ፡ ወሎ ሰፈር አካባቢ በሚገኘው የኢንፎርሜሽን መረብ ደህንነት አስተዳደር ዋና ቢሮ
ለመመዝገብ ከታች ያለውን ሊንክ ይጠቀሙ
https://awareness.insa.gov.et/index.php/143154?lang=am
የ5 ሚሊዮን ኢትዮጵያውያን ኮደርስ ኢንሼቲቪ ስልጠናዎችን ለመሰልጠን አስበዋል? እንግዲያውስ እኛ ጋር ይምጡ!
ስልጠናዎቹን ለመውሰድ የሚያስችልዎትን፡
• ምቹ ቦታ
• ከኮምፒውተር እና ኢንተርኔት አቅርቦት ጋር አዘጋጅተን እንጠብቅዎታለን፡፡
ይፍጠኑ!! የእድሉ ተጠቃሚ ለመሆን ይመዝገቡ!
የኢንፎርሜሽን መረብ ደህንነት አስተዳደር በአዲስ አበባ እና አካባቢዋ ለሚገኙ የአንደኛና ሁለተኛ ደረጃ እንዲሁም የዩኒቨርሲቲ ተማሪዎች፣ የመንግስትና የግል ሰራተኞች፣ በአጠቃላይ ለሁሉም ዜጎች የ5 ሚሊዮን ኢትዮጵያውያን ኮደርስ ኢንሼቲቪ ስልጠናዎችን ለመሰልጠን የሚያስችላቸውን ምቹ ሁኔታ በአስተዳደሩ የሳይበር ልሕቀት ማዕከል አመቻችቷል፡፡ ስልጠናው ከጥር 3/2017 ዓ.ም ጀምሮ ሁልጊዜ በሳምንቱ የእረፍት ቀናት (ቅዳሜና እሁድ) ይሰጣል፡፡
የስልጠና ቀናት
• ቅዳሜ እና እሁድ
• ሰአት፡ ከጠዋቱ 2፡30 እስከ አመሻሽ 11፡30
• ቦታ፡ ወሎ ሰፈር አካባቢ በሚገኘው የኢንፎርሜሽን መረብ ደህንነት አስተዳደር ዋና ቢሮ
ለመመዝገብ ከታች ያለውን ሊንክ ይጠቀሙ
https://awareness.insa.gov.et/index.php/143154?lang=am
❤4👌2
Buna Byte Cybersecurity
Networking basics for hackers 0x2 coming out at 10:30 LT
Best way to start your hacking journey is to deeply understand how the internet works. This video gives you an insight on that. Don't miss out.
👍4
🎉5🫡1
The Common Pitfall in Starting a Hacking Journey"
These days, many beginners (myself included) fall into the same trap when starting their hacking journey: skipping the fundamentals. Instead of mastering the basics of networking, programming, and operating systems, we rush straight into using advanced tools without understanding how they work.
To succeed, focus on building a solid foundation before diving into tools and exploits. Remember, hacking is a skillset that requires patience, practice, and a deep understanding of the basics. Avoid the shortcuts—it’s a journey, not a race!
#guidance@bunabytecs
These days, many beginners (myself included) fall into the same trap when starting their hacking journey: skipping the fundamentals. Instead of mastering the basics of networking, programming, and operating systems, we rush straight into using advanced tools without understanding how they work.
To succeed, focus on building a solid foundation before diving into tools and exploits. Remember, hacking is a skillset that requires patience, practice, and a deep understanding of the basics. Avoid the shortcuts—it’s a journey, not a race!
#guidance@bunabytecs
👍10⚡1
This media is not supported in your browser
VIEW IN TELEGRAM
Found this meme and it cracked me open 😅
🤣6🔥1😁1