You hear Cybersecurity everywhere nowadays, everybody talk about it, lots of website and companies have problem with breaches and leaked information with Darknet bringing a way to dump all the databases and username password on the internet.

Last Year with had some big releases on Reddit, sets of email addresses and passwords totaling 2,692,818,238 rows, made up of many different individual data breaches from thousands of different sources. In total, there were 1,160,253,228 unique combinations of email addresses and passwords, Unique email addresses totaled 772,904,991, Unique passwords totaled 21,222,975. and all that was just from one release. I saw a raise of the amount of the attack on WordPress sites I take care of too.

I have a good grasp of Cybersecurity and different parts of it but I have not practiced it in any way. In this series of blogs, I’m going to try some new tools, Some CTF and some challenges and writeups. But the focus of it would be on web application security.

There are many different categories in Cybersecurity, both offensive and defensive moves, some of the categories we are going to talk about are listed below, but this is not only about the tools, we are going to discover where and how you can get sensitive information or buy and sell hacked computers, shells and control panels, etc..

  • Frameworks & Command-line tools
  • Staying Safe
  • VPN & Tor Proxy
  • Mapping out the target with Port Scanner & Network Exploration Tool (Nmap)
  • Scanning & Exploiting Vulnerability (Nikto, Wpscan, Skipfish)
  • SQL Injections
  • XXS Injections
  • File Injection
  • Shell injection
  • Account & hash Brute forcing
  • Brute forcing and Cracking (Hydra, Hashcat)
  • Password/combo lists
  • Writeups
© Ehsan Pourhadi - Digital Developer