What is Burp Suite?

Burp Suite, the Swiss Army Knife, is a proxy tool that can intercept requests and is often used for evaluating the security of web-based applications and for hands-on testing.

Burp Suite Community Edition

Burp Suite comes in 3 editions, of which the Community Edition is free to…

Nmap Syntax

1. Scanning an IP
Syntax: nmap <target-ip>

2. Scanning a Host
Syntax: nmap <www.example.com>

3. Scanning a Range of IPs
Syntax: nmap <ip-address-range>

4. Scanning a Subnet
Syntax: nmap <ip-address/24>

5. Scanning Targets from a Text File
Syntax: nmap -iL <list.txt>

6. Scanning a Target & Ignoring Discovery
Syntax: nmap -Pn <target-ip>

7. Scanning target…

Bug Bounty Tool List: Tools That Are Useful for Hunting

Bug Bounty Tool List

dnscan https://github.com/rbsec/dnscan

Knockpy https://github.com/guelfoweb/knock

Sublist3r https://github.com/aboul3la/Sublist3r

massdns https://github.com/blechschmidt/massdns

nmap https://nmap.org

masscan https://github.com/robertdavidgraham/masscan

EyeWitness https://github.com/ChrisTruncer/EyeWitness

DirBuster https://sourceforge.net/projects/dirbuster/

dirsearch https://github.com/maurosoria/dirsearch

Gitrob https://github.com/michenriksen/gitrob

git-secrets https://github.com/awslabs/git-secrets

sandcastle https://github.com/yasinS/sandcastle

bucket_finder https://digi.ninja/projects/bucket_finder.php

GoogD0rker https://github.com/ZephrFish/GoogD0rker/

Wayback Machine https://web.archive.org

waybackurls https://gist.github.com/mhmdiaa/adf6bff70142e5091792841d4b372050

Sn1per https://github.com/1N3/Sn1per/

XRay https://github.com/evilsocket/xray

wfuzz https://github.com/xmendez/wfuzz/

patator https://github.com/lanjelot/patator

datasploit https://github.com/DataSploit/datasploit

hydra https://github.com/vanhauser-thc/thc-hydra

changeme https://github.com/ztgrace/changeme

MobSF https://github.com/MobSF/Mobile-Security-Framework-MobSF/

Apktool https://github.com/iBotPeaches/Apktool

dex2jar https://sourceforge.net/projects/dex2jar/

sqlmap http://sqlmap.org/

oxml_xxe https://github.com/BuffaloWill/oxml_xxe/

XXE Injector https://github.com/enjoiz/XXEinjector

The JSON Web Token Toolkit https://github.com/ticarpi/jwt_tool

ground-control https://github.com/jobertabma/ground-control

ssrfDetector https://github.com/JacobReynolds/ssrfDetector

LFISuite https://github.com/D35m0nd142/LFISuite

GitTools https://github.com/internetwache/GitTools

dvcs-ripper https://github.com/kost/dvcs-ripper

tko-subs https://github.com/anshumanbh/tko-subs

HostileSubBruteforcer https://github.com/nahamsec/HostileSubBruteforcer

Race the Web https://github.com/insp3ctre/race-the-web

ysoserial https://github.com/GoSecure/ysoserial

PHPGGC https://github.com/ambionics/phpggc

CORStest https://github.com/RUB-NDS/CORStest

retire-js https://github.com/RetireJS/retire.js

getsploit https://github.com/vulnersCom/getsploit

Findsploit https://github.com/1N3/Findsploit

bfac https://github.com/mazen160/bfac

WPScan https://wpscan.org/

CMSMap https://github.com/Dionach/CMSmap

Amass https://github.com/OWASP/Amass

Endpoint Antivirus vs. Endpoint Security

The difference between endpoint antivirus and endpoint security

Antivirus and endpoint security are the same thing, right? The answer is: yes and no. Typically, you’re more likely to hear the word “antivirus” in the home user space, while “endpoint security” or “endpoint protection” is more common as a term in the business space…

Below are 10 of the most pervasive types of phishing:

Standard Email Phishing — Arguably the most widely known form of phishing, this attack is an attempt to steal sensitive information via an email that appears to be from a legitimate organization. …

The packet capture tool tcpdump allows the interception and capture of packets passing through a network interface. This makes it useful for understanding and troubleshooting network layer problems. It helps in monitoring packet flow coming from the interface, the response for each packet, packet drop, and ARP information. …

1. Testing for browser cache weaknesses // Assessing Authentication Schemes // Web App Penetration

2. Testing for account enumeration and guessable accounts // Assessing Authentication Schemes

3. Testing for weak lock-out mechanisms // Assessing Authentication Schemes // Web App Penetration

4. Account provisioning process via REST API //…

1. How does ransomware get into your network? // Ransomware Entry Points [Ransomware Attack]

2. Ransomware: Countermeasures and Preparing Your Incident Response // Defending a Ransomware Attack

Firewall Training Course Playlist:

Firewall Training Course - Module

Module:1 Introduction to Firewalls | Firewall Types | Packet Filtering | TCP state table | Firewall Behavior

Module:2 NAT Explained | How NAT Works? | Types of NAT

Module:3 What is DMZ? | DMZ Zone

Module:4 What is Next-generation Firewall | NEXT-GENERATION FIREWALL

Module:5 ANTISPAM | How ANTISPAM works on Firewall | SPAM PROTECTION

Module:6 What is VPN? | VPN Features | VPN Protocols | VPN Types
