🦑#Tips Palo Alto Firewall: Packet Flow Sequence:

In the Firewall understanding the Packet Flow Sequence is essential for troubleshooting traffic issues!

🔴 Inside to Outside Traffic 🔴

🔴 First: Security Policy – Checks if traffic is allowed.
🔴 Second: NAT Policy – Translates source IP if matched.
🔴 Third: Routing Table – Determines the next-hop to the destination.

🔵 Outside to Inside Traffic

🔵 First: NAT Policy – Translates destination IP to internal IP.
🔵 Second: Security Policy – Validates access to the internal resource.
🔵 Third: Routing Table – Finds the path to the internal destination.

💡 Pro Tip: Mastering this sequence is a game-changer for resolving connectivity and NAT issues quickly! 🚀

Ref: Dahri A.
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

𝐅𝐫𝐞𝐞 𝐋𝐚𝐛𝐬 𝐭𝐨 𝐓𝐞𝐬𝐭 𝐘𝐨𝐮𝐫 𝐏𝐞𝐧𝐭𝐞𝐬𝐭/𝐂𝐓𝐅 𝐒𝐤𝐢𝐥𝐥𝐬
🎲 Must-Try Platforms
1. HackTheBox: A gamified approach to pentesting with challenges ranging from easy to advanced.
🔗 [https://hackthebox.com](https://hackthebox.com)
2. PicoCTF: Beginner-friendly CTF platform ideal for building foundational skills.
🔗 [https://picoctf.com](https://picoctf.com)
3. OverTheWire: Focuses on building your Linux and networking fundamentals.
🔗 [http://overthewire.org](http://overthewire.org)
4. PentesterLab: Offers guided exercises for learning web app security.
🔗 [https://pentesterlab.com](https://pentesterlab.com)
5. Google CTF: Curated by Google, this platform provides top-notch CTF challenges.
🔗 [https://lnkd.in/gs89f_zU)
6. Immersive Labs: Perfect for hands-on practice across various cybersecurity domains.
🔗 https://immersivelabs.com

7. Hacker101: A free resource from HackerOne to learn and practice ethical hacking.
🔗 https://ctf.hacker101.com


Ref: G.M. Faruk
@Undercodecommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑30 MUST USE CYBERSECURITY SEARCH ENGINES

This list showcases 30 must-use cybersecurity search engines, each specializing in a specific aspect of threat intelligence, vulnerability assessment, or data reconnaissance. These tools cater to professionals seeking information about exposed credentials, vulnerabilities, DNS records, attack surfaces, public repositories, and devices on the internet.

Dehashed: Focuses on finding leaked credentials.
Security Trails: Provides DNS and domain intelligence.
DorkSearch: Enables Google Dorking for open-source intelligence.
ExploitDB: Offers a database of publicly available exploits.
ZoomEye: Scans for information about internet-connected devices and services.
Pulsedive: Centralizes threat intelligence data.
GrayHatWarfare: Specializes in indexing public S3 buckets.
PolySwarm: Scans files and URLs for malware.
FoFa: Analyzes internet-wide threat intelligence.
LeakIX: Tracks leaked and exposed web servers.
DNSDumpster: Examines DNS data for domain reconnaissance.
FullHunt: Maps attack surfaces of internet-facing systems.
AlienVault: Collects and correlates threat intelligence.
Onyphe: Aggregates cyber-threat data and intelligence.
Grep App: Searches for sensitive information in Git repositories.
URL Scan: Investigates websites for potential malicious behavior.
Vulners: Hosts a comprehensive vulnerability database.
WayBackMachine: Provides historical archived internet content.
Shodan: Lists internet-connected devices and their security risks.
Netlas: Scans devices and services exposed on the internet.
CRT.sh: Monitors SSL/TLS certificates.
Wigle: Maps wireless networks.
PublicWWW: Conducts marketing and web analysis.
Binary Edge: Delivers threat intelligence about internet assets.
GreyNoise: Analyzes internet noise for threat detection.
Hunter: Finds and verifies email addresses.
Censys: Tracks internet-facing devices and vulnerabilities.
IntelligenceX: Searches for data leaks on Tor, I2P, and other darknets.
Packet Storm: A repository for vulnerabilities and exploits.
SearchCode: Facilitates source code searches for developers.

Ref: Rahul Raj V K
@Undercodecommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑5 domains a Cloud Engineer should know:


1. 🔒 Security
2. 💻 Compute
3. 💾 Storage
4. 🗂 Database
5. 🌐 Networking

📚 Starting Training 🆓 NOW:

🔶 Security Learning Plan
https://lnkd.in/eNiTnyRN

🔶 AWS Compute Services Overview
https://lnkd.in/eSiFN88Y

🔶 AWS Storage Learning Plan
https://lnkd.in/eFcuArhG

🔶 AWS Database Offering
https://lnkd.in/gSbjZQhQ

🔶 AWS Networking Core
https://lnkd.in/eUwRdA2f

Ref: Greg Powell
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Troubleshooting OSPFv2 Neighbor Adjacencies Made Easy! 🛠
Are your OSPFv2 neighbors stuck in states like Init, 2-Way, or ExStart? Troubleshooting OSPF can be tricky, but with the right approach, you can resolve issues quickly! Here's a checklist to help:

✅ 1. Check Network Types
Ensure both devices are on the same network type (Broadcast, Point-to-Point, Non-Broadcast, etc.). A mismatch could lead to adjacency issues.
✅ 2. Verify Subnet Masks
Neighbors must share the same subnet. Run show ip ospf interface to confirm.
✅ 3. Confirm Hello and Dead Timers
Default timers should match. Use show ip ospf neighbor to check compatibility.
✅ 4. Authentication Configurations
Is OSPF authentication enabled? Double-check the keys and methods (Plaintext/MD5).
✅ 5. MTU Mismatch
A mismatch in MTU can cause neighbors to get stuck in ExStart. Use ip ospf mtu-ignore if necessary.
✅ 6. Router IDs
Each router must have a unique Router ID. Conflicts can disrupt adjacencies.
✅ 7. Passive Interfaces
Is OSPF accidentally configured as passive on the neighbor-facing interface? Check your configs!
✅ 8. Access-Lists or Firewalls
Ensure UDP packets on ports 520 and 89 aren't blocked by ACLs or firewalls.
Troubleshooting OSPF is all about systematic checks and leveraging show/debug commands. Here's my golden rule: Start from Layer 1 and move up!
💡 What’s your go-to step when troubleshooting OSPF adjacencies?

Ref: Sumit Kashyap
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 "Bug Bounty Preparation: Essential HTTP and Networking Resources"

1️⃣HTTP Basics

🧨All in One Resource:
https://www.hacker101.com/sessions/web_in_depth
(Includes: HTTP Basics, Cookie Security, HTML Parsing, MIME Sniffing, Encoding Sniffing, Same-Origin Policy)

HTTP Request Form:
https://www.tutorialspoint.com/http/http_requests.htm

HTTP Response Form:
https://www.tutorialspoint.com/http/http_responses.htm

HTTP Response Codes:
https://www.tutorialspoint.com/http/http_status_codes.htm

HTTP URL Encoding:
https://www.tutorialspoint.com/http/http_url_encoding.htm

🧨HTTP Basics - Video Resources

HTTP Crash Course & Exploration:
https://www.youtube.com/watch?v=iYM2zFP3Zn0

Same-Origin Policy:
https://www.youtube.com/watch?v=bSJm8-zJTzQ

2️⃣Networking Basics
Terminology:
https://www.digitalocean.com/community/tutorials/an-introduction-to-networking-terminology-interfaces-and-protocols

What is an IP?:
https://commotionwireless.net/docs/cck/networking/learn-networking-basics/

What are Ports?:
https://www.utilizewindows.com/list-of-common-network-port-numbers/

What is DNS?:
https://code.tutsplus.com/tutorials/an-introduction-to-learning-and-using-dns-records--cms-24704

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Free Huge collections of wordlists for many different usages:

https://github.com/kkrypt0nn/wordlists

🦑Top XDR tools List:

CrowdStrike Falcon Insight - www.crowdstrike.com
Palo Alto Cortex XDR - www.paloaltonetworks.com
Microsoft Defender XDR - www.microsoft.com
Trend Micro Vision One - www.trendmicro.com
IBM Security QRadar XDR - www.ibm.com
VMware Carbon Black Cloud - www.vmware.com
Cisco SecureX - www.cisco.com
Sophos XDR - www.sophos.com
ESET Protect Elite - www.eset.com
LogRhythm SIEM - www.logrhythm.com
ExtraHop Reveal(x) - www.extrahop.com
Bitdefender GravityZone XDR - www.bitdefender.com
NetWitness Platform XDR - www.netwitness.com
Cybereason Defense Platform - www.cybereason.com
ContraForce - www.contraforce.com

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Totally free courses.

Now, what's your excuse?

Here are 4 ways you can start today:

1-Cloud Essentials Learning Plan
https://lnkd.in/dGW6tg3S

2-Developer Learning Plan
https://lnkd.in/d44u8BpV

3-Networking Core Learning Plan
https://lnkd.in/dAzxDWft

4-Data Analytics Learning Plan
https://lnkd.in/dCgqbrsD

Ref: Felipe Carvalho
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑The cyber skills gap isn't about talent.

It's about access. 👇

The cybersecurity learning curve can feel steep.

But here's something many people don't know:

You can get world-class training without spending a dime.

1. Start with the Basics:

- Google's Cybersecurity Professional Certificate walks you through:
* cyber foundations
* risk management
* essential coding skills.
You'll master Linux, SQL, and Python basics in under 6 months.

- The ISC2 Certified in Cybersecurity program is a gem.
The training and certification exam are free - you only pay a $50 annual fee after passing.

2. Level Up with Technical Skills (hands-on practice):

- Security Blue Team offers 6 beginner-friendly courses with real demonstrations.
It's like having a mentor guide you through your first steps.

- TryHackMe and Hack The Box offer hands-on practice in real environments.
You'll learn by doing, not just watching.

3. Build Specialized Knowledge

- The Python Institute is there will elevate your scripting skills.

- The CompTIA Security+ prep materials cover core principles you'll need for entry-level positions.

- SANS teaches you practical basic security concepts.

4. Master Advanced Topics:

- Dive into defensive security and cyber risk management.

- Learn the NIST CSF framework and practical strategies.

- Learn OSINT for smart ways to gather and use public data for defense.

Ref: Liviu Munteanu
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑𝐅𝐑𝐄𝐄 𝐑𝐄𝐒𝐎𝐔𝐑𝐂𝐄𝐒 - 𝐑𝐄𝐃 𝐓𝐄𝐀𝐌

Pentesting is primarily concerned with identifying and exploiting vulnerabilities within a specific target system, striving to uncover as many weaknesses as possible.
This process aids in shoring up an organization's defenses by pinpointing areas of vulnerability.

On the other hand, a red team engagement shifts its focus. Instead of merely finding vulnerabilities, it aims to assess an organization's defensive capabilities by simulating real-world attacks.
The goal is to evaluate how well the organization can detect and respond to these simulated threat actors.

You will find below a list of resources for Red Teaming.

👉𝗪𝗛𝗔𝗧 𝗜𝗦 𝗥𝗘𝗗 𝗧𝗘𝗔𝗠?
🌟Red Team definition, redteam guide by Joe Vest & James Tubberville
https://lnkd.in/eUaZcWvg

🌟Red Teaming Handbook, UK Ministry of Defense
https://lnkd.in/euUkwQRq

👉𝗪𝗛𝗔𝗧 𝗔𝗥𝗘 𝗥𝗘𝗗 𝗧𝗘𝗔𝗠 𝗘𝗫𝗘𝗥𝗖𝗜𝗦𝗘𝗦?
🌟NIST’s Definition of Red Team Exercise
https://lnkd.in/eZVzn5AW

🌟Red Team Plan by Magoo
https://lnkd.in/eFUBzxEY

👉𝗧𝗘𝗖𝗛𝗡𝗜𝗤𝗨𝗘𝗦 𝗔𝗡𝗗 𝗠𝗘𝗧𝗛𝗢𝗗𝗢𝗟𝗢𝗚𝗜𝗘𝗦
🌟MITRE ATT&CK Matrix for Enterprise
https://attack.mitre.org/

🌟Red Team Guides by Joe Vest & James Tubberville
https://lnkd.in/eXPxchUk

🌟Red Team Operations Part 1 and 2 Joas A Santos
https://lnkd.in/e7m3XzE7
https://lnkd.in/es7uSQA4

🌟Red Team Notes 2.0 by dmcxblue
https://lnkd.in/ekGaQASx

👉𝗖𝗢𝗨𝗥𝗦𝗘𝗦 𝗔𝗡𝗗 𝗛𝗔𝗡𝗗𝗦 𝗢𝗡
🌟Hackersploit Red Team Series (video and guide)
https://lnkd.in/ek5naA4Q
https://lnkd.in/e4U2tW2z

🌟Responsible Red Teaming by The Taggart Institute
https://lnkd.in/eur4_nFn

🌟Red Teaming rooms on TryHackMe
https://lnkd.in/e8G9eMS5
https://lnkd.in/eYa9mHmk
https://lnkd.in/eQcnuu-m

🌟Board games by Hadess | حادث
https://lnkd.in/ee2EEyEh

👉𝗧𝗢𝗢𝗟𝗦
🌟Red Teaming Toolkit by infosecn1nja
https://lnkd.in/e8VnsYVH

🌟Red Team tools by A-poc
https://lnkd.in/evPBDZRm

🌟Red Teaming Toolkit Collection by 0xsp
https://lnkd.in/eP7jNUE4

🌟Red Team Ops Cobalt
https://lnkd.in/euMjeFEx

👉𝗕𝗢𝗡𝗨𝗦
🌟Red Team Resources by J0hnBx
https://lnkd.in/eeYCQ-Db

🌟Red Team Village talks
https://lnkd.in/eHwKj5gB

🌟A Beginner's Guide to Obfuscation by BC Security
https://lnkd.in/e92JuwPR

Full credit: Gabrielle B.
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Cybersecurity 101 in one picture
1. Introduction to Cybersecurity
2. The CIA Triad
3. Common Cybersecurity Threats
4. Basic Defense Mechanisms
5. Cybersecurity Frameworks
6. Cybersecurity Ecosystem

🦑ARP and DNS Spoofing:


> Network Penetration Testing: Assess the security of networks by identifying weaknesses in ARP protocols and DNS resolutions. 🔍🛡

>Security Auditing: Log and analyze network traffic to discover potential vulnerabilities and improve network defenses. 📊🔒

> Educational Purposes: Learn and teach network security concepts through practical, hands-on experience with ARP and DNS spoofing techniques. 🎓📚

>Traffic Analysis: Monitor and capture traffic for forensic investigations or to understand user behavior on a network. 🔍📈


Installation 🛠
To install and run BlackVenom, follow these simple steps:

1️⃣ Create a Python Virtual Environment 🐍
First, create a virtual environment to manage dependencies:

python -m venv BlackVenom-Kali

2️⃣ Activate the Virtual Environment 🔑
Activate the virtual environment:

source BlackVenom-Kali/bin/activate

3️⃣ Install Dependencies 📦
Now, install the necessary dependencies from the requirements.txt file:

pip install -r requirements.txt

> Run the Tool ⚡️ After installation, you can run BlackVenom using the provided CLI:
python black_venom_cli.py
Usage Examples
Example 1: Basic ARP Spoofing
This command performs a basic ARP spoofing attack between a target and a gateway without enabling packet logging or DNS spoofing. 🔗

sudo python black_venom_cli.py \
    --target_ip 192.168.11.128 \
    --gateway_ip 192.168.11.2 \
    --interface eth0

Example 2: ARP Spoofing with Traffic Logging
In this example, packet logging is enabled while performing ARP spoofing. 📝

sudo python black_venom_cli.py \
    --target_ip 192.168.11.128 \
    --gateway_ip 192.168.11.2 \
    --interface eth0 \
    --enable_logging \
    --log_file ~/Desktop/captured_packets.pcap
Example 3: ARP Spoofing and DNS Spoofing
This command enables both ARP spoofing and DNS spoofing, redirecting DNS requests for a specific domain. 🌐🔀

sudo python black_venom_cli.py \
    --target_ip 192.168.11.128 \
    --gateway_ip 192.168.11.2 \
    --interface eth0 \
    --enable_logging \
    --log_file ~/Desktop/captured_packets.pcap

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Spoofing Utilities:

DNS-Spoof by Mustafa Dalga:
https://github.com/mustafadalga/dns-spoof

MITM Attack Practice:
https://github.com/bilalz5-github/MITM-Attack_practice

ARP Spoof Detection Tool (Dr. Spoof):
https://github.com/Enixes/Dr.Spoof

AdBleed (DNS Redirection Tool):
https://github.com/arevaclier/AdBleed

DNS Packet Injection:
https://github.com/shreyasbhatia09/DNS-Packet-Injection

PyDNS (Python DNS Server):
https://github.com/Douile/pydns

Rock-DDOS (Includes ARP Spoofing):
https://github.com/MasonDye/Rock-DDOS

NetSpionage:
https://github.com/ANG13T/netspionage

Dead Drop (Network Steganography with Spoofing):
https://github.com/kerosene5/Dead_Drop

ATA-Shell (ARP Modular Shell):
https://github.com/shelbenheimer/ata-shell

Phishing with DNS Spoofing Demo:
https://github.com/chi-0828/Phishing-with-DNS-spoofing

RITM (Roast in the Middle for MITM):
https://github.com/Tw1sm/RITM

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁