#Enroll
Linux Server Administration Made Easy with Hands-on Training
https://www.udemy.com/course/linux-made-easy-with-hands-on-training/?couponCode=A9DDB002FDD783B1998E
#share & #supportus
-------------> @geekcode π
Share as more as π
Linux Server Administration Made Easy with Hands-on Training
https://www.udemy.com/course/linux-made-easy-with-hands-on-training/?couponCode=A9DDB002FDD783B1998E
#share & #supportus
-------------> @geekcode π
Share as more as π
π΅ What is OWASP?
β³οΈ The Open Web Application Security Project (OWASP) is a non-profit organization founded in 2001, with the goal of helping website owners and security experts protect web applications from cyber attacks.
π΅ The OWASP Top 10
β³οΈ OWASP Top 10 is a widely accepted document that prioritizes the most important security risks affecting web applications. Although there are many more than ten security risks, the idea behind the OWASP Top 10 is to make security professionals keenly aware of at least the most critical security risks, and learn how to defend against them.
β³οΈ OWASP periodically evaluates important types of cyber attacks by four criteria: ease of exploitability, prevalence, detectability, and business impact, and selects the top 10 attacks. The OWASP Top 10 was first published in 2003 and has since been updated in 2004, 2007, 2010, 2013, 2017 and 2019.
β³οΈ What we will do is, using those top 10 vulnerabilities we will pen-test the websites. If we found any of the vulnerability in that site then we can do two things
π EXPLOITING THE SITE
π REPORT THE BUG
#share & #supportus
-------------> @geekcode π
Share as more as π
β³οΈ The Open Web Application Security Project (OWASP) is a non-profit organization founded in 2001, with the goal of helping website owners and security experts protect web applications from cyber attacks.
π΅ The OWASP Top 10
β³οΈ OWASP Top 10 is a widely accepted document that prioritizes the most important security risks affecting web applications. Although there are many more than ten security risks, the idea behind the OWASP Top 10 is to make security professionals keenly aware of at least the most critical security risks, and learn how to defend against them.
β³οΈ OWASP periodically evaluates important types of cyber attacks by four criteria: ease of exploitability, prevalence, detectability, and business impact, and selects the top 10 attacks. The OWASP Top 10 was first published in 2003 and has since been updated in 2004, 2007, 2010, 2013, 2017 and 2019.
β³οΈ What we will do is, using those top 10 vulnerabilities we will pen-test the websites. If we found any of the vulnerability in that site then we can do two things
π EXPLOITING THE SITE
π REPORT THE BUG
#share & #supportus
-------------> @geekcode π
Share as more as π
π€©π€©Telegram Monetization Update | Telegram Will Start Putting Adsπ€©π€©
Telegram is the best alternative to whatsapp and its about to hit 500 Million users.
Telegram Co-founder Pavel Durov announced plans to earn revenue via premium features and ads.
Durov laid out a two plan on monetizing the service starting next year. The first part of this will be introducing premium features for business,While all existing features will continue to remain free.
Durov (co-founder) assured that the parts of the messenger that are devoted to messaging, like one-to-one chats and groups, would remain free of ads, as he believes that communication between people should not be disrupted by any sorts of advertisements.
They also ensured that private chhanels will remain ad free
Durov said - If Telegram starts earning money, the community should also benefit. For example, If we monetize large public one-to-many channels via the Ad Platform, the owners of these channels will receive free traffic in proportion to their size. Or, if Telegram introduces premium stickers with additional expressive features, the artists who make stickers of this new type will also get a part of the profit. We want millions of Telegram-based creators and small businesses to thrive, enriching the experience of all our users.
This paid feature will allow channel owners to get free traffic proportionate to their sizes. he added that if Telegram were to launch premium stickers having more expressive features, artists making these stickers would also get a cut in the profit.
This paid plans will be launched in 2021 that will be aimed at business and power use and all the features that are currently free will remain free
For proof check this post form product Manager of telegram https://t.me/durov/142
#share & #supportus
-------------> @geekcode π
Share as more as π
Telegram is the best alternative to whatsapp and its about to hit 500 Million users.
Telegram Co-founder Pavel Durov announced plans to earn revenue via premium features and ads.
Durov laid out a two plan on monetizing the service starting next year. The first part of this will be introducing premium features for business,While all existing features will continue to remain free.
Durov (co-founder) assured that the parts of the messenger that are devoted to messaging, like one-to-one chats and groups, would remain free of ads, as he believes that communication between people should not be disrupted by any sorts of advertisements.
They also ensured that private chhanels will remain ad free
Durov said - If Telegram starts earning money, the community should also benefit. For example, If we monetize large public one-to-many channels via the Ad Platform, the owners of these channels will receive free traffic in proportion to their size. Or, if Telegram introduces premium stickers with additional expressive features, the artists who make stickers of this new type will also get a part of the profit. We want millions of Telegram-based creators and small businesses to thrive, enriching the experience of all our users.
This paid feature will allow channel owners to get free traffic proportionate to their sizes. he added that if Telegram were to launch premium stickers having more expressive features, artists making these stickers would also get a cut in the profit.
This paid plans will be launched in 2021 that will be aimed at business and power use and all the features that are currently free will remain free
For proof check this post form product Manager of telegram https://t.me/durov/142
#share & #supportus
-------------> @geekcode π
Share as more as π
GeekCode
π΅ What is OWASP? β³οΈ The Open Web Application Security Project (OWASP) is a non-profit organization founded in 2001, with the goal of helping website owners and security experts protect web applications from cyber attacks. π΅ The OWASP Top 10 β³οΈ OWASP Topβ¦
π΅ Exploiting the site
β³οΈ Once we found the bug, we can create a payload and exploit the site. Result of this will be like website/admin panel take overs, data breach (stealing sensitive info's), crashing the website etc etc.. but this is totally illegal.
π΅ Reporting bug
β³οΈ And the other option is, reporting the bug to the creater. We can report the bug that we found on their site. If they found our report as a valid one then they will reward us with $π°πΈ . This is what is called as "bug bounty" and its totally legal
#share & #supportus
-------------> @geekcode π
Share as more as π
β³οΈ Once we found the bug, we can create a payload and exploit the site. Result of this will be like website/admin panel take overs, data breach (stealing sensitive info's), crashing the website etc etc.. but this is totally illegal.
π΅ Reporting bug
β³οΈ And the other option is, reporting the bug to the creater. We can report the bug that we found on their site. If they found our report as a valid one then they will reward us with $π°πΈ . This is what is called as "bug bounty" and its totally legal
#share & #supportus
-------------> @geekcode π
Share as more as π
ββπ Exclusive CTF Udemy Courses Free For Limited Time
1) Ethical Hacking - Capture the Flag Walkthroughs - v1
β¨ Video and lab Walkthroughs for capture the Flag exercises that will help strengthen your ethical hacking skills
β¨ Understanding The Hackers Methodology
Enroll Now :-
https://www.udemy.com/course/ethical-hacking-capture-the-flag-walkthroughs/?couponCode=25C7C3DFC8DC6478024A
2) Ethical Hacking - Capture the Flag Walkthroughs - v2
β¨ Video and lab Walkthroughs for capture the Flag exercises that will strengthen your ethical hacking skills
β¨ A Much Higher Skill Level as A Pentester Or a Hacker
Enroll Now :-
https://www.udemy.com/course/ethical-hacking-capture-the-flag-walkthroughs-v2/?couponCode=8EBF8FEDC855BBE71C2D
#share & #supportus
-------------> @geekcode π
Share as more as π€©
1) Ethical Hacking - Capture the Flag Walkthroughs - v1
β¨ Video and lab Walkthroughs for capture the Flag exercises that will help strengthen your ethical hacking skills
β¨ Understanding The Hackers Methodology
Enroll Now :-
https://www.udemy.com/course/ethical-hacking-capture-the-flag-walkthroughs/?couponCode=25C7C3DFC8DC6478024A
2) Ethical Hacking - Capture the Flag Walkthroughs - v2
β¨ Video and lab Walkthroughs for capture the Flag exercises that will strengthen your ethical hacking skills
β¨ A Much Higher Skill Level as A Pentester Or a Hacker
Enroll Now :-
https://www.udemy.com/course/ethical-hacking-capture-the-flag-walkthroughs-v2/?couponCode=8EBF8FEDC855BBE71C2D
#share & #supportus
-------------> @geekcode π
Share as more as π€©
#Enroll
Basics of Cloud Computing
Learn the Basics of Cloud Computing right from the Service Models to The Future of Cloud Computing in Detail.
https://www.udemy.com/course/basics-of-cloud-computing/?couponCode=D09349981999B0149135
#share & #supportus
-------------> @geekcode π
Share as more as π€©
Basics of Cloud Computing
Learn the Basics of Cloud Computing right from the Service Models to The Future of Cloud Computing in Detail.
https://www.udemy.com/course/basics-of-cloud-computing/?couponCode=D09349981999B0149135
#share & #supportus
-------------> @geekcode π
Share as more as π€©
Udemy
Basics of Cloud Computing
Learn the Basics of Cloud Computing right from the Service Models to The Future of Cloud Computing in Detail.
π’TERMUX ADVANCE GUIDEπ’
π°Ultimate Guide To Ethical Hacking With Termuxπ°
LINKπ
https://play.google.com/store/apps/details?id=com.androidexample.termux
#share & #supportus
-------------> @geekcode π
Share as more as π€©
π°Ultimate Guide To Ethical Hacking With Termuxπ°
LINKπ
https://play.google.com/store/apps/details?id=com.androidexample.termux
#share & #supportus
-------------> @geekcode π
Share as more as π€©
IP Addressing and Subnetting - Zero to Hero
Go from zero to advanced in IP addressing in a single course!
https://www.udemy.com/course/ip-addressing-zero-to-hero/?couponCode=HAPPY2021
#share & #supportus
-------------> @geekcode π
Share as more as π€©
Go from zero to advanced in IP addressing in a single course!
https://www.udemy.com/course/ip-addressing-zero-to-hero/?couponCode=HAPPY2021
#share & #supportus
-------------> @geekcode π
Share as more as π€©
Udemy
IP Addressing and Subnetting - Zero to Hero
Go from zero to advanced in IP addressing in a single course!
π΅ Injection Attack
ββββββββββββββ
β³οΈ A code injection happens when an attacker sends invalid data to the web application with the intention to make it do something that the application was not designed/programmed to do.
β³οΈ In simple words, an injection attack is one in which databases and other systems are vulnerable to such an extent that an attacker can inject malicious or untrusted data into the system. This occurs when untrusted data is sent to an interpreter as part of a command or query. Basically, the attacker's data tricks the interpreter into executing commands without adequate authorization.
β³οΈ the most common example around this security vulnerability is the SQL query consuming untrusted data. You can see one of OWASPβs examples below:
String query = βSELECT * FROM accounts WHERE custID = ββ + request.getParameter(βidβ) + βββ;
β³οΈ This query can be exploited by calling up the web page executing it with the following URL: http://example.com/app/accountView?id=β or β1β=β1 causing the return of all the rows stored on the database table.
(I will explain more about this queries and working of sql injection later)
β³οΈ The core of a code injection vulnerability is the lack of validation and sanitization of the data used by the web application, which means that this vulnerability can be present on almost any type of technology.
β³οΈ Anything that accepts parameters as input can potentially be vulnerable to a code injection attack.
#share & #supportus
-------------> @geekcode π
Share as more as π€©
ββββββββββββββ
β³οΈ A code injection happens when an attacker sends invalid data to the web application with the intention to make it do something that the application was not designed/programmed to do.
β³οΈ In simple words, an injection attack is one in which databases and other systems are vulnerable to such an extent that an attacker can inject malicious or untrusted data into the system. This occurs when untrusted data is sent to an interpreter as part of a command or query. Basically, the attacker's data tricks the interpreter into executing commands without adequate authorization.
β³οΈ the most common example around this security vulnerability is the SQL query consuming untrusted data. You can see one of OWASPβs examples below:
String query = βSELECT * FROM accounts WHERE custID = ββ + request.getParameter(βidβ) + βββ;
β³οΈ This query can be exploited by calling up the web page executing it with the following URL: http://example.com/app/accountView?id=β or β1β=β1 causing the return of all the rows stored on the database table.
(I will explain more about this queries and working of sql injection later)
β³οΈ The core of a code injection vulnerability is the lack of validation and sanitization of the data used by the web application, which means that this vulnerability can be present on almost any type of technology.
β³οΈ Anything that accepts parameters as input can potentially be vulnerable to a code injection attack.
#share & #supportus
-------------> @geekcode π
Share as more as π€©
π΄ some of the Types of Injections
ββββββββββββββ
β Depending on the type of database system, the programming language and other factors, there can be many different types of injections:
πΉ Code Injection
πΉ CRLF Injection
πΉ OS Command Injection
πΉ XSS
πΉ Email Header Injection
πΉ SQL Injection
Etc..
#share & #supportus
-------------> @geekcode π
Share as more as π€©
ββββββββββββββ
β Depending on the type of database system, the programming language and other factors, there can be many different types of injections:
πΉ Code Injection
πΉ CRLF Injection
πΉ OS Command Injection
πΉ XSS
πΉ Email Header Injection
πΉ SQL Injection
Etc..
#share & #supportus
-------------> @geekcode π
Share as more as π€©