⚠️پیداکردن آسیب پذیری های موجود در یک شرکت هاستینگ و رفع آنها !

🖥 سری ویدیو های حل ماشین های VunlHub

حل ماشین Insanity - بخش اول

👨‍💻مدرس : سجاد تیموری
#Insanity
https://youtu.be/6HMxMeMbPVU

🔝 @InfoSecTube
🖥 youtube.com/c/InfoSecTube
🍁 instagram.com/info_sec_tube

#interview #Cybersecurity
🔶What is an ARP packet?

ARP is the protocol used to associate the IP address to a MAC address. When a host wants to send a packet to another host, say IP address 10.5. 5.1, on its local area network (LAN), it first sends out (broadcasts) an ARP packet.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🖥 سری ویدیو های اموزشی متخصص متاسپلویت

🎥29-ساخت پیلود شل معکوس با متاسپلویت


👨‍💻مدرس : میلاد کهساری الهادی
🧬لینک ویدیو:
https://youtu.be/1Qs62DnEqxY

🔝 @InfoSecTube
🖥 youtube.com/c/InfoSecTube
🍁 instagram.com/info_sec_tube

#interview #Cybersecurity
🔶What is an ICMP packet?
ICMP packets are IP packets with ICMP in the IP data portion. ICMP messages also contain the entire IP header from the original message, so the end system knows which packet failed. The ICMP header appears after the IPv4 or IPv6 packet header and is identified as IP protocol number 1.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

#interview #Cybersecurity
🔶What Does PWN Mean?
PWN is hacker jargon meaning to conquer or dominate. In the context of online security, Pwned often means that your account or system has been breached, and your passwords—user passwords or privileged passwords—have been compromised. The word originated in online gaming forums as a misspelling of “owned.”

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

#interview #Cybersecurity
🔶What is Network Penetration Testing & How Does it Work?


Penetration testing, or pen testing, involves simulating cyberattacks against your own systems to help identify any vulnerabilities that could be potentially exploited. Network penetration tests use various hacking techniques to identify security vulnerabilities in your networks.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

🖥 سری ویدیو های اموزشی متخصص متاسپلویت

🎥28-حملات سمت کاربر در متاسپلویت


👨‍💻مدرس : میلاد کهساری الهادی
🧬لینک ویدیو:
https://youtu.be/gQ6yxHRr2_c

🔝 @InfoSecTube
🖥 youtube.com/c/InfoSecTube
🍁 instagram.com/info_sec_tube

🔸gitlab-subdomains
Find subdomains on GitLab
🕸
https://github.com/gwen001/gitlab-subdomains


🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

Psiphon

ویندوز اندروید
فیلترشکن سایفون
چندروزی هست که دوباره کانکت میشه


وبسایت رسمی
https://psiphon.ca/

لینک دانلود ویندوز
https://psiphon.ca/psiphon3.exe

لینک دانلود اندروید
https://psiphon.ca/PsiphonAndroid.apk

یا به [email protected]
ایمیل خالی بزنید
برای دانلود به بات رسمی سایفون فارسی برید
@Psiphon_FA_Bot

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

استگانوگرافی چیست؟

استگانوگرافی علم نوشتن پیام های پنهان است به گونه ای که هیچ کس به جز فرستنده و گیرنده مورد نظر حتی متوجه وجود یک پیام پنهان نمی شود.


Steganography Tools
یک سرویس آنلاین است که همین کار را انجام می دهد، اما برای استفاده از آن نیازی به مهارت های کنسول نیست. قادر به مخفی کردن متن نه تنها در یک تصویر، بلکه در یک فایل صوتی.

برای مخفی کردن داده ها:
1. روی "Encode an image" کلیک کنید.
2. فایل jpeg، .wav یا .au مورد نظر را انتخاب کنید.
3. یک رمز عبور برای رمزگشایی تنظیم کنید.
4. متن مخفی را وارد کنید یا کل فایل را آپلود کنید و روی «ارسال» ضربه بزنید.

برای رمزگشایی فایل به دست آمده، به تب "Decode an image" بروید و از رمز عبور رمزگشایی که قبلا تنظیم شده است استفاده کنید.
https://futureboy.us/stegano/

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

#interview #Cybersecurity

🔶What is buffer overflow with example?

In a buffer-overflow attack, the extra data sometimes holds specific instructions for actions intended by a hacker or malicious user; for example, the data could trigger a response that damages files, changes data or unveils private information.

A buffer overflow (or buffer overrun) occurs when the volume of data exceeds the storage capacity of the memory buffer. As a result, the program attempting to write the data to the buffer overwrites adjacent memory locations.

Most of the time, a buffer overflow raises a memory access violation, causing the application where the overflow occurred to crash. Successful exploitation of an overflow by an attacker can allow arbitrary code execution which can lead to malware installation.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

#Cybersecurity #interview

🔶What are the different types of buffer overflow attacks?

🔸Stack overflow attack - This is the most common type of buffer overflow attack and involves overflowing a buffer on the call stack*.

🔸Heap overflow attack - This type of attack targets data in the open memory pool known as the heap*.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

#interview #Cybersecurity

🔶How to protect against buffer overflow attacks?

Luckily, modern operating systems have runtime protections which help mitigate buffer overflow attacks. Let’s explore 2 common protections that help mitigate the risk of exploitation:

🔸Address space randomization - Randomly rearranges the address space locations of key data areas of a process. Buffer overflow attacks generally rely on knowing the exact location of important executable code, randomization of address spaces makes that nearly impossible.

🔸Data execution prevention - Marks certain areas of memory either executable or non-executable, preventing an exploit from running code found in a non-executable area.

Software developers can also take precautions against buffer overflow vulnerabilities by writing in languages that have built-in protections or using special security procedures in their code.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

#interview #Cybersecurity

🔶Who is vulnerable to buffer overflow attacks?

Certain coding languages are more susceptible to buffer overflow than others. C and C++ are two popular languages with high vulnerability, since they contain no built-in protections against accessing or overwriting data in their memory. Windows, Mac OSX, and Linux all contain code written in one or both of these languages.

More modern languages like Java, PERL, and C# have built-in features that help reduce the chances of buffer overflow, but cannot prevent it altogether.

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

#interview #Cybersecurity

🔶How do attackers exploit buffer overflows?
An attacker can deliberately feed a carefully crafted input into a program that will cause the program to try and store that input in a buffer that isn’t large enough, overwriting portions of memory connected to the buffer space. If the memory layout of the program is well-defined, the attacker can deliberately overwrite areas known to contain executable code. The attacker can then replace this code with his own executable code, which can drastically change how the program is intended to work.

For example if the overwritten part in memory contains a pointer (an object that points to another place in memory) the attacker’s code could replace that code with another pointer that points to an exploit payload. This can transfer control of the whole program over to the attacker’s code.

useful link

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube

#interview #Cybersecurity

🔶How do attackers exploit buffer overflows?
An attacker can deliberately feed a carefully crafted input into a program that will cause the program to try and store that input in a buffer that isn’t large enough, overwriting portions of memory connected to the buffer space. If the memory layout of the program is well-defined, the attacker can deliberately overwrite areas known to contain executable code. The attacker can then replace this code with his own executable code, which can drastically change how the program is intended to work.

For example if the overwritten part in memory contains a pointer (an object that points to another place in memory) the attacker’s code could replace that code with another pointer that points to an exploit payload. This can transfer control of the whole program over to the attacker’s code.

useful link 1
useful link 2

🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube