#Interview #Cybersecurity
🔶What is Port Scanning?
Port Scanning is the technique used to identify open ports and service available on a host. Hackers use port scanning to find information that can be helpful to exploit vulnerabilities. Administrators use Port Scanning to verify the security policies of the network. Some of the common Port Scanning Techniques are:
Ping Scan
TCP Half-Open
TCP Connect
UDP
Stealth Scanning
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔶What is Port Scanning?
Port Scanning is the technique used to identify open ports and service available on a host. Hackers use port scanning to find information that can be helpful to exploit vulnerabilities. Administrators use Port Scanning to verify the security policies of the network. Some of the common Port Scanning Techniques are:
Ping Scan
TCP Half-Open
TCP Connect
UDP
Stealth Scanning
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍2
#Interview #Cybersecurity
🔶What is Deep Learning?
The Deep learning is a subset of machine learning that involves systems that think and learn like humans using artificial neural networks. The term ‘deep’ comes from the fact that you can have several layers of neural networks.
One of the primary differences between machine learning and deep learning is that feature engineering is done manually in machine learning. In the case of deep learning, the model consisting of neural networks will automatically determine which features to use (and which not to use).
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔶What is Deep Learning?
The Deep learning is a subset of machine learning that involves systems that think and learn like humans using artificial neural networks. The term ‘deep’ comes from the fact that you can have several layers of neural networks.
One of the primary differences between machine learning and deep learning is that feature engineering is done manually in machine learning. In the case of deep learning, the model consisting of neural networks will automatically determine which features to use (and which not to use).
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍1
#interview #cybersecurity
🔶What is the Difference Between Supervised and Unsupervised Machine Learning?
Supervised learning - This model learns from the labeled data and makes a future prediction as output
Unsupervised learning - This model uses unlabeled input data and allows the algorithm to act on that information without guidance.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔶What is the Difference Between Supervised and Unsupervised Machine Learning?
Supervised learning - This model learns from the labeled data and makes a future prediction as output
Unsupervised learning - This model uses unlabeled input data and allows the algorithm to act on that information without guidance.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍1
#Interview #Cybersecurity
🔶What is Semi-supervised Machine Learning?
Supervised learning uses data that is completely labeled, whereas unsupervised learning uses no training data.
In the case of semi-supervised learning, the training data contains a small amount of labeled data and a large amount of unlabeled data.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔶What is Semi-supervised Machine Learning?
Supervised learning uses data that is completely labeled, whereas unsupervised learning uses no training data.
In the case of semi-supervised learning, the training data contains a small amount of labeled data and a large amount of unlabeled data.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍1
#interview #cybersecurity
What is CORS (cross-origin resource sharing)?
Cross-origin resource sharing (CORS) is a browser mechanism which enables controlled access to resources located outside of a given domain. It extends and adds flexibility to the same-origin policy (). However, it also provides potential for cross-domain attacks, if a website's CORS policy is poorly configured and implemented. CORS is not a protection against cross-origin attacks such as (CSRF).
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
What is CORS (cross-origin resource sharing)?
Cross-origin resource sharing (CORS) is a browser mechanism which enables controlled access to resources located outside of a given domain. It extends and adds flexibility to the same-origin policy (). However, it also provides potential for cross-domain attacks, if a website's CORS policy is poorly configured and implemented. CORS is not a protection against cross-origin attacks such as (CSRF).
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍4👎1
#interview #cybersecurity
🔸Can You Reset a Password-Protected BIOS Configuration?
BIOS (Basic Input or Output System) is a firmware located on a memory chip, often in a computer’s motherboard or system board. A typical BIOS security feature is a user password that must be entered to boot up a device. If you wish to reset a password-protected BIOS configuration, you’ll need to turn off your device, locate a password reset jumper on the system board, remove the jumper plug from the password jumper-pins, and turn on the device without the jumper plug to clear the password. This will reset the BIOS to default factory settings.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸Can You Reset a Password-Protected BIOS Configuration?
BIOS (Basic Input or Output System) is a firmware located on a memory chip, often in a computer’s motherboard or system board. A typical BIOS security feature is a user password that must be entered to boot up a device. If you wish to reset a password-protected BIOS configuration, you’ll need to turn off your device, locate a password reset jumper on the system board, remove the jumper plug from the password jumper-pins, and turn on the device without the jumper plug to clear the password. This will reset the BIOS to default factory settings.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍3
#interview #cybersecurity
🔸What Is the Difference Between Black Box Testing and White Box Testing?
Black box testing evaluates the behavior and functionality of a software product. This testing methodology operates from an end-user perspective and requires no software engineering knowledge. Black box testers do not have information about the internal structure or design of the product. Conversely, white box testing is typically performed by developers to assess the quality of a product’s code. The tester must understand the internal operations of the product.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸What Is the Difference Between Black Box Testing and White Box Testing?
Black box testing evaluates the behavior and functionality of a software product. This testing methodology operates from an end-user perspective and requires no software engineering knowledge. Black box testers do not have information about the internal structure or design of the product. Conversely, white box testing is typically performed by developers to assess the quality of a product’s code. The tester must understand the internal operations of the product.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍3
#interview #cybersecurity
🔸What Do You Mean by Phishing? How Many Types of Phishing Are There?
🔸Phishing is a type of cyberattack in which communications that appear trustworthy contain content that installs malware on a target’s device or directs a target to a malicious website. While email phishing is perhaps most common, other types of phishing exist as well.
🔸Spear phishing pursues specific targets within an organization and uses real information to convince targets that the malicious communication is an internal request from the organization, thereby increasing the chances that the target will access the malware disguised in the communication. Whaling is a type of phishing that targets C-suite executives, and smishing is a phishing attack conducted via text or SMS. From vishing to pharming, over ten different kinds of phishing exist—and the list continues to grow.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸What Do You Mean by Phishing? How Many Types of Phishing Are There?
🔸Phishing is a type of cyberattack in which communications that appear trustworthy contain content that installs malware on a target’s device or directs a target to a malicious website. While email phishing is perhaps most common, other types of phishing exist as well.
🔸Spear phishing pursues specific targets within an organization and uses real information to convince targets that the malicious communication is an internal request from the organization, thereby increasing the chances that the target will access the malware disguised in the communication. Whaling is a type of phishing that targets C-suite executives, and smishing is a phishing attack conducted via text or SMS. From vishing to pharming, over ten different kinds of phishing exist—and the list continues to grow.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍2
#interview #cybersecurity
🔸What Is Forward Secrecy?
Forward secrecy is a feature of certain key agreement protocols that generates a unique session key for each transaction. Thanks to forward secrecy, an intruder cannot access data from more than one communication between a client and a server—even if the security of one communication is compromised.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸What Is Forward Secrecy?
Forward secrecy is a feature of certain key agreement protocols that generates a unique session key for each transaction. Thanks to forward secrecy, an intruder cannot access data from more than one communication between a client and a server—even if the security of one communication is compromised.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍2
💣 هشدار!
🔸آسیب پذیری خطرناکی در RouterOS شرکت میکروتیک امکان اجرای کدهای مخرب را برای هکر از طریق Nova Message فراهم می نماید.
🔸این آسیب پذیری با شناسه CVE-2022-45313 و درجه اهمیت حیاتی شناخته می شود که یک محقق امنیتی برای درک بهتر آن PoC نیز منتشر کرده است که در ادامه می توانید با جزئیات فنی آن بیشتر آشنا شوید.
نکته به دلیل کثرت استفاده از این این محصول لطفا سیستم عامل RouterOS آن را در اسرع وقت به نسخه پایدار 7.5 یا بالاتر به روز رسانی نمایید.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸آسیب پذیری خطرناکی در RouterOS شرکت میکروتیک امکان اجرای کدهای مخرب را برای هکر از طریق Nova Message فراهم می نماید.
🔸این آسیب پذیری با شناسه CVE-2022-45313 و درجه اهمیت حیاتی شناخته می شود که یک محقق امنیتی برای درک بهتر آن PoC نیز منتشر کرده است که در ادامه می توانید با جزئیات فنی آن بیشتر آشنا شوید.
نکته به دلیل کثرت استفاده از این این محصول لطفا سیستم عامل RouterOS آن را در اسرع وقت به نسخه پایدار 7.5 یا بالاتر به روز رسانی نمایید.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
#interview #cybersecurity
🔸What Are Spyware Attacks?
Spyware is a kind of malware that is covertly installed on a targeted device to collect private data. Spyware can infiltrate a device when a user visits a malicious website, opens an infected file attachment, or installs a program or application containing spyware. Once installed, the spyware monitors activity and captures sensitive data, later relaying this information back to third-party entities.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸What Are Spyware Attacks?
Spyware is a kind of malware that is covertly installed on a targeted device to collect private data. Spyware can infiltrate a device when a user visits a malicious website, opens an infected file attachment, or installs a program or application containing spyware. Once installed, the spyware monitors activity and captures sensitive data, later relaying this information back to third-party entities.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
#interview #cybersecurity
🔸What Is ARP Poisoning? Can You Explain With an Example?
🔸ARP poisoning is a type of cyberattack that aims to interrupt, redirect, or covertly monitor network traffic. The ARP (address resolution protocol) establishes IP-level connections to new hosts by accepting requests from new devices to join the LAN (local area network) and provides an IP address. The ARP also translates the IP address to a MAC address and sends ARP packet requests to query appropriate MAC addresses to use, which saves time for network administrators.
🔸After sending fabricated ARP packets to link an intruder’s MAC address with an IP of a device already connected to the LAN (known as ARP spoofing), a hacker can initiate ARP poisoning by changing the extant ARP table to contain falsified MAC maps. A successful ARP poisoning will link the attacker’s MAC address with the target’s LAN, rerouting incoming traffic to the attacker.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸What Is ARP Poisoning? Can You Explain With an Example?
🔸ARP poisoning is a type of cyberattack that aims to interrupt, redirect, or covertly monitor network traffic. The ARP (address resolution protocol) establishes IP-level connections to new hosts by accepting requests from new devices to join the LAN (local area network) and provides an IP address. The ARP also translates the IP address to a MAC address and sends ARP packet requests to query appropriate MAC addresses to use, which saves time for network administrators.
🔸After sending fabricated ARP packets to link an intruder’s MAC address with an IP of a device already connected to the LAN (known as ARP spoofing), a hacker can initiate ARP poisoning by changing the extant ARP table to contain falsified MAC maps. A successful ARP poisoning will link the attacker’s MAC address with the target’s LAN, rerouting incoming traffic to the attacker.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
💠 جادی رو برای گیتهاب استارز کاندید کنید
💠گیتهاب، پلتفرم توسعه نرمافزار، امسال برنامهای برگزار کرده به عنوان ستارگان گیتهاب که در اون الهامبخش ترین و تاثیرگذارترین برنامهنویسان دنیا رو با توجه به رای مردم معرفی میکنه.
💠جادی رو میتونین با نام کاربری زیر برای کاندیدا معرفی کنین
jadijadi
🔗 https://stars.github.com/nominate
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
💠گیتهاب، پلتفرم توسعه نرمافزار، امسال برنامهای برگزار کرده به عنوان ستارگان گیتهاب که در اون الهامبخش ترین و تاثیرگذارترین برنامهنویسان دنیا رو با توجه به رای مردم معرفی میکنه.
💠جادی رو میتونین با نام کاربری زیر برای کاندیدا معرفی کنین
jadijadi
🔗 https://stars.github.com/nominate
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
❤6
#interview #cybersecurity
🔸What Do You Mean by SQL Injection?
A SQL injection is a type of cyberattack that inserts malicious SQL code via input data to manipulate databases. A properly executed SQL injection can read sensitive data stored in the database, modify that data, execute administration operations, or potentially issue operating system commands. This enables attackers to manipulate data, create repudiation problems, destroy data or restrict access to it, disclose all data within the database, and make themselves administrators of the database server.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸What Do You Mean by SQL Injection?
A SQL injection is a type of cyberattack that inserts malicious SQL code via input data to manipulate databases. A properly executed SQL injection can read sensitive data stored in the database, modify that data, execute administration operations, or potentially issue operating system commands. This enables attackers to manipulate data, create repudiation problems, destroy data or restrict access to it, disclose all data within the database, and make themselves administrators of the database server.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍2
#interview #ai
🔸Unsupervised Learning
In unsupervised learning, we don't have labeled data. A model can identify patterns, anomalies, and relationships in the input data.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸Unsupervised Learning
In unsupervised learning, we don't have labeled data. A model can identify patterns, anomalies, and relationships in the input data.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
Forwarded from InfoSecTube
📽 #Tutorials #android_penetration_testing
🌐 36 -How To Hack Android Phone on Same Wifi Network With Kali
🌐 37-How to Hack any android device using AhMyth over wan
🌐 38-how to hack android phone with spynote
🌐39-how to hack android phone with droidjack over the wan
🌐40-Hack Any Android Device With FatRat Tool(bind and fud rat)
🔝 @InfoSecTube
🌐 36 -How To Hack Android Phone on Same Wifi Network With Kali
🌐 37-How to Hack any android device using AhMyth over wan
🌐 38-how to hack android phone with spynote
🌐39-how to hack android phone with droidjack over the wan
🌐40-Hack Any Android Device With FatRat Tool(bind and fud rat)
🔝 @InfoSecTube
This media is not supported in your browser
VIEW IN TELEGRAM
این کلیپ توسط همکاران دکتر قره حسنلو ایجاد شده. حاوی عکس هایی از سوابق و اقدامات ایشون.
طبق خبرها دکتر قره حسنلو به اتهام فساد فی العرض به اعدام محکوم شده اند.
روزنامه شرق: دکتر قرهحسنلو در حال کمک به مجروحان بوده/ شاهد اصلی به دادگاه دعوت نشد
#منفی_امنیت
طبق خبرها دکتر قره حسنلو به اتهام فساد فی العرض به اعدام محکوم شده اند.
روزنامه شرق: دکتر قرهحسنلو در حال کمک به مجروحان بوده/ شاهد اصلی به دادگاه دعوت نشد
#منفی_امنیت
👎9❤7
🔸 تفاوت بین CVE و CWE
اصطلاح CVE مختصر عبارت common vulnerabilities and exposures میباشد،
در تعریفی کوتاه تفاوت میان CVE و CWE در این است که یکی در مورد علائم و دیگری در مورد علت است. همچنین CWE انواع آسیبپذیریهای نرمافزاری را نشان میدهد.
اصلاح CVE فقط فهرستی از ضعفهای شناخته شده در مورد سیستمها و محصولاتی خاص است. انجام این پروژه با اسپانسری US-CERT و نظارت Mitre صورت میگیرد. توسط CVE نگهداشت کنترلهای امنیتی برای اطمینان از برنامه کاربردی صورت میگیرد ولی به اندازه CWE یکپارچگی ندارد. با این حال، CVE براحتی با CWE سازگار است.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
اصطلاح CVE مختصر عبارت common vulnerabilities and exposures میباشد،
در تعریفی کوتاه تفاوت میان CVE و CWE در این است که یکی در مورد علائم و دیگری در مورد علت است. همچنین CWE انواع آسیبپذیریهای نرمافزاری را نشان میدهد.
اصلاح CVE فقط فهرستی از ضعفهای شناخته شده در مورد سیستمها و محصولاتی خاص است. انجام این پروژه با اسپانسری US-CERT و نظارت Mitre صورت میگیرد. توسط CVE نگهداشت کنترلهای امنیتی برای اطمینان از برنامه کاربردی صورت میگیرد ولی به اندازه CWE یکپارچگی ندارد. با این حال، CVE براحتی با CWE سازگار است.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
YouTube
InfoSecTube
Unlock the Power of Ethical Hacking: Learn by Hacking
🔒 Looking to master the art of ethical hacking? Welcome to a channel designed to quench your thirst for diving deep into pen-testing without the inevitable headache. With casually explained walk-throughs…
🔒 Looking to master the art of ethical hacking? Welcome to a channel designed to quench your thirst for diving deep into pen-testing without the inevitable headache. With casually explained walk-throughs…
👍1
#interview #ai
🔸Reinforcement Learning
The model can learn based on the rewards it received for its previous action.
Consider an environment where an agent is working. The agent is given a target to achieve. Every time the agent takes some action toward the target, it is given positive feedback. And, if the action taken is going away from the goal, the agent is given negative feedback.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸Reinforcement Learning
The model can learn based on the rewards it received for its previous action.
Consider an environment where an agent is working. The agent is given a target to achieve. Every time the agent takes some action toward the target, it is given positive feedback. And, if the action taken is going away from the goal, the agent is given negative feedback.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
#معرفی_سایت
♻️ با استفاده از سایت های زیر میتونید بدون فیلترشکن یوتیوب تماشا کنید
💢بدون تبلیغات
💢قابلیت دانلود کلیپ ها
💢بدون نیاز به فیلترشکن
yewtu.be/ 🇳🇱
invidious.esmailelbob.xyz/ 🇨🇦
inv.bp.projectsegfau.lt/ 🇱🇺
invidious.nerdvpn.de/ 🇩🇪
invidious.sethforprivacy.com/ 🇩🇪
invidious.tiekoetter.com/ 🇩🇪
inv.vern.cc/ 🇺🇸
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
♻️ با استفاده از سایت های زیر میتونید بدون فیلترشکن یوتیوب تماشا کنید
💢بدون تبلیغات
💢قابلیت دانلود کلیپ ها
💢بدون نیاز به فیلترشکن
yewtu.be/ 🇳🇱
invidious.esmailelbob.xyz/ 🇨🇦
inv.bp.projectsegfau.lt/ 🇱🇺
invidious.nerdvpn.de/ 🇩🇪
invidious.sethforprivacy.com/ 🇩🇪
invidious.tiekoetter.com/ 🇩🇪
inv.vern.cc/ 🇺🇸
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
yewtu.be
Invidious - search
An alternative front-end to YouTube
👍2
Ashish_Mishra_Modern_Cybersecurity_Strategies_for_Enterprises_Protect.pdf
8.6 MB
📚 کتاب:
Modern Cybersecurity Strategies for Enterprises: Protect and Secure Your Enterprise Networks, Digital Business Assets, and Endpoint Security with Tested and Proven Methods
👤 نویسنده: Ashish Mishra
کتابی مهندسی و کاربردی برای کارشناسان، حاصل تجربیات 18 ساله یک مهندس در صنعت، حاوی مفاهیم امنیت، تهدیدها و ابزارها در یک سازمان، تیم پاسخ دهی به رخدادها
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
Modern Cybersecurity Strategies for Enterprises: Protect and Secure Your Enterprise Networks, Digital Business Assets, and Endpoint Security with Tested and Proven Methods
👤 نویسنده: Ashish Mishra
کتابی مهندسی و کاربردی برای کارشناسان، حاصل تجربیات 18 ساله یک مهندس در صنعت، حاوی مفاهیم امنیت، تهدیدها و ابزارها در یک سازمان، تیم پاسخ دهی به رخدادها
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube