Keyboard shortcuts for Telegram Desktop ⌨️
Action : Command
• Move to next chat : Ctrl + Tab
• Move to next chat : Ctrl + PageDown
• Move to next chat : Alt + Arrow Down
• Move to previous chat : Ctrl + Shift + Tab
• Move to previous chat : Ctrl + PageUp
• Move to previous chat : Alt + Arrow Up
• Go to Previous Folder : Ctrl + Shift + Arrow Up
• Go to Next Folder : Ctrl + Shift + Arrow Down
• Search selected chat : Ctrl + F
• Exit selected chat and search Telegram : Esc
• Exit display of current chat/channel : Esc
• Delete currently selected message : Delete
• Quit Telegram : Ctrl + Q
• Lock Telegram (if Local Password is set) : Ctrl + L
• Iconify (Minimize) Telegram : Ctrl + M
• Iconify (Minimize) Telegram to System Tray : Ctrl + W
• Edit Previous Message : Arrow Up
• Start New Line in Input Area : Ctrl + Enter or Shift + Enter
• Move Cursor to Start of Multi-line Message : Ctrl + Home
• Make Text Italic : Ctrl + I
• Make Text Bold : Ctrl + B
• Make Text Underline : Ctrl + U
Make Text Striketrough : Ctrl + Shift + X
• Make Text Monospace : Ctrl + Shift + M
• Remove Text Formatting (Make Selection Plain Text) : Ctrl + Shift + N
• PH4N745M
• Add URL to Selected Text (Make Link) : Ctrl + K
• Send File : Ctrl + O
• Open Contacts : Ctrl + J
• Fast Scroll : Scroll with Ctrl or Shift pressed.
• Reply in another chat : Ctrl+Click on Reply in the menu.
• Jump to a message from the reply panel : Ctrl + LMB.
• Open conversation in a separate tab : Ctrl + click.
• Jump between Folders : Ctrl + 1,2,3...
#Desktop #Shortcuts #Tips
Action : Command
• Move to next chat : Ctrl + Tab
• Move to next chat : Ctrl + PageDown
• Move to next chat : Alt + Arrow Down
• Move to previous chat : Ctrl + Shift + Tab
• Move to previous chat : Ctrl + PageUp
• Move to previous chat : Alt + Arrow Up
• Go to Previous Folder : Ctrl + Shift + Arrow Up
• Go to Next Folder : Ctrl + Shift + Arrow Down
• Search selected chat : Ctrl + F
• Exit selected chat and search Telegram : Esc
• Exit display of current chat/channel : Esc
• Delete currently selected message : Delete
• Quit Telegram : Ctrl + Q
• Lock Telegram (if Local Password is set) : Ctrl + L
• Iconify (Minimize) Telegram : Ctrl + M
• Iconify (Minimize) Telegram to System Tray : Ctrl + W
• Edit Previous Message : Arrow Up
• Start New Line in Input Area : Ctrl + Enter or Shift + Enter
• Move Cursor to Start of Multi-line Message : Ctrl + Home
• Make Text Italic : Ctrl + I
• Make Text Bold : Ctrl + B
• Make Text Underline : Ctrl + U
Make Text Striketrough : Ctrl + Shift + X
• Make Text Monospace : Ctrl + Shift + M
• Remove Text Formatting (Make Selection Plain Text) : Ctrl + Shift + N
• PH4N745M
• Add URL to Selected Text (Make Link) : Ctrl + K
• Send File : Ctrl + O
• Open Contacts : Ctrl + J
• Fast Scroll : Scroll with Ctrl or Shift pressed.
• Reply in another chat : Ctrl+Click on Reply in the menu.
• Jump to a message from the reply panel : Ctrl + LMB.
• Open conversation in a separate tab : Ctrl + click.
• Jump between Folders : Ctrl + 1,2,3...
#Desktop #Shortcuts #Tips
👍13👏6❤4
Skills and Resources you need to Become Ethical Hacker in 2024
Strong understanding of networks and systems: Understanding how networks and systems work is essential for identifying vulnerabilities and exploiting them in an ethical manner.
Programming and noscripting skills: Familiarity with programming and noscripting languages such as Python, JavaScript, and Bash is important for automating tasks and writing custom noscripts for ethical hacking.
Hands-on experience with hacking tools: Familiarity with tools such as Nmap, Metasploit, and Wireshark is essential for ethical hacking.
Knowledge of different types of attacks: Understanding common hacking techniques, such as SQL injection, phishing, and DDoS attacks, is important for identifying and defending against them.
Understanding of laws and regulations: Familiarity with laws and regulations related to hacking and cybersecurity, such as the Computer Fraud and Abuse Act, is important for staying compliant while conducting ethical hacking.
Strong analytical and problem-solving skills: Ethical hacking requires being able to think outside the box and analyze systems and networks to identify vulnerabilities.
Continuous learning: With the threat landscape and technology constantly evolving, it's important to stay up to date with the latest developments in ethical hacking and cybersecurity.
Certifications: Certifications such as CEH, OSCP, CISSP, GPEN are widely recognized and can help to validate your skills and knowledge to potential employers.
Where to learn?
Everything is available in YouTube as a begginer you dont need to run for course just use your mind and do search
Strong understanding of networks and systems: Understanding how networks and systems work is essential for identifying vulnerabilities and exploiting them in an ethical manner.
Programming and noscripting skills: Familiarity with programming and noscripting languages such as Python, JavaScript, and Bash is important for automating tasks and writing custom noscripts for ethical hacking.
Hands-on experience with hacking tools: Familiarity with tools such as Nmap, Metasploit, and Wireshark is essential for ethical hacking.
Knowledge of different types of attacks: Understanding common hacking techniques, such as SQL injection, phishing, and DDoS attacks, is important for identifying and defending against them.
Understanding of laws and regulations: Familiarity with laws and regulations related to hacking and cybersecurity, such as the Computer Fraud and Abuse Act, is important for staying compliant while conducting ethical hacking.
Strong analytical and problem-solving skills: Ethical hacking requires being able to think outside the box and analyze systems and networks to identify vulnerabilities.
Continuous learning: With the threat landscape and technology constantly evolving, it's important to stay up to date with the latest developments in ethical hacking and cybersecurity.
Certifications: Certifications such as CEH, OSCP, CISSP, GPEN are widely recognized and can help to validate your skills and knowledge to potential employers.
Where to learn?
Everything is available in YouTube as a begginer you dont need to run for course just use your mind and do search
👍12
Where do you go to find remote jobs 👇👇
https://news.1rj.ru/str/jobinterviewsprep/64
https://news.1rj.ru/str/jobinterviewsprep/64
❇️ How do you create a strong password ?
Password crackers can decipher passwords in a matter of days or hours, depending on how weak or strong the password is. To make a password stronger and more difficult to uncover, a plaintext password should adhere to the following rules:
- Be at least 12 characters long : The shorter a password is, the easier and faster it will be cracked.
- Combine letters and a variety of characters : Using numbers and special characters, such as periods and commas, increases the number of possible combinations.
- Avoid reusing a password : If a password is cracked, then a person with malicious intent could use that same password to easily access other password-protected accounts the victim owns.
- Pay attention to password strength indicators : Some password-protected systems include a password strength meter, which is a scale that tells users when they have created a strong password.
- Avoid easy-to-guess phrases and common passwords : Weak passwords can be a name, a pet's name or a birthdate -- something personally identifiable. Short and easily predictable patterns, like 123456, password or qwerty, also are weak passwords.
- Use encryption : Passwords stored in a database should be encrypted.
- Take advantage of password creation tools and managers : Some smartphones will automatically create long, hard-to-guess passwords. For example, Apple iPhones will create strong website passwords for users. An iPhone stores the passwords in its password manager, iCloud Keychain and automatically fills the password into the correct field so the user doesn't have to remember the complicated password.
Password crackers can decipher passwords in a matter of days or hours, depending on how weak or strong the password is. To make a password stronger and more difficult to uncover, a plaintext password should adhere to the following rules:
- Be at least 12 characters long : The shorter a password is, the easier and faster it will be cracked.
- Combine letters and a variety of characters : Using numbers and special characters, such as periods and commas, increases the number of possible combinations.
- Avoid reusing a password : If a password is cracked, then a person with malicious intent could use that same password to easily access other password-protected accounts the victim owns.
- Pay attention to password strength indicators : Some password-protected systems include a password strength meter, which is a scale that tells users when they have created a strong password.
- Avoid easy-to-guess phrases and common passwords : Weak passwords can be a name, a pet's name or a birthdate -- something personally identifiable. Short and easily predictable patterns, like 123456, password or qwerty, also are weak passwords.
- Use encryption : Passwords stored in a database should be encrypted.
- Take advantage of password creation tools and managers : Some smartphones will automatically create long, hard-to-guess passwords. For example, Apple iPhones will create strong website passwords for users. An iPhone stores the passwords in its password manager, iCloud Keychain and automatically fills the password into the correct field so the user doesn't have to remember the complicated password.
👍12❤2
Linux System Administrator Roadmap🐧💻
├── 🔹 Foundations
│ ├── 🔸 Basic Linux Concepts
│ │ ├── 📂 File System Hierarchy
│ │ ├── 🔑 Permissions and Ownership
│ │ ├── 🔄 Processes and Daemons
│ │ └── 🖥️ Basic Commands (ls, cd, cp, mv, rm, etc.)
│ ├── 🔸 Shell and Scripting
│ │ ├── 📝 Bash Scripting
│ │ ├── 🔧 Basic Automation
│ │ └── 🛠️ Common Shell Commands (grep, awk, sed)
│ ├── 🔸 Networking Fundamentals
│ │ ├── 🌐 TCP/IP Stack
│ │ ├── 🌍 DNS Configuration
│ │ ├── 🔌 Network Interfaces
│ │ └── 🛠️ Basic Network Troubleshooting (ping, traceroute, netstat)
│ └── 🔸 System Installation and Configuration
│ ├── 💿 Installation Methods (ISO, PXE)
│ ├── 🗂️ Disk Partitioning and File Systems
│ └── 🔒 Initial Configuration and Hardening
├── 🔹 System Administration
│ ├── 🔸 User and Group Management
│ │ ├── 👤 User Accounts
│ │ ├── 👥 Group Policies
│ │ └── 🔑 sudo Configuration
│ ├── 🔸 Package Management
│ │ ├── 📦 RPM and YUM (RHEL/CentOS)
│ │ ├── 📦 APT (Debian/Ubuntu)
│ │ └── 🔧 Compiling from Source
│ ├── 🔸 Process Management
│ │ ├── 🔄 Systemd and Init
│ │ ├── 👀 Monitoring and Controlling Processes
│ │ └── 🕒 Crontab and Scheduled Tasks
│ ├── 🔸 Filesystem Management
│ │ ├── 🗂️ Mounting and Unmounting File Systems
│ │ ├── 📁 NFS and Samba
│ │ └── 📊 Disk Quotas
│ └── 🔸 Security
│ ├── 🔥 Firewalls (iptables, firewalld)
│ ├── 🛡️ SELinux and AppArmor
│ ├── 🔒 SSH Configuration and Hardening
│ └── 📝 Auditing and Logging
├── 🔹 Networking and Services
│ ├── 🔸 Network Configuration
│ │ ├── 🌐 Static and Dynamic IP Addressing
│ │ ├── 🔌 Network Bonding and Bridging
│ │ └── 📶 VLANs
│ ├── 🔸 Web Services
│ │ ├── 🌐 Apache and Nginx
│ │ ├── 🔐 HTTPS and SSL/TLS
│ │ ├── ↔️ Reverse Proxies
│ │ └── 🛡️ Web Application Firewalls (WAF)
│ ├── 🔸 Database Management
│ │ ├── 💾 MySQL/MariaDB
│ │ ├── 💾 PostgreSQL
│ │ ├── 📂 NoSQL Databases (e.g., MongoDB)
│ │ └── 🔄 Backup and Restore
│ ├── 🔸 Email Services
│ │ ├── ✉️ Postfix and Sendmail
│ │ └── 🚫 Spam Filtering
│ └── 🔸 File and Print Services
│ ├── 📁 Samba
│ ├── 📁 NFS
│ └── 🖨️ CUPS
├── 🔹 Advanced Administration
│ ├── 🔸 Virtualization
│ │ ├── 💻 KVM and QEMU
│ │ ├── 📦 VirtualBox
│ │ └── 🔧 Libvirt
│ ├── 🔸 Containerization
│ │ ├── 🐳 Docker
│ │ ├── ☸️ Kubernetes
│ │ └── 🔧 Podman
│ ├── 🔸 Cloud Computing
│ │ ├── ☁️ AWS
│ │ ├── ☁️ Azure
│ │ ├── ☁️ OpenStack
│ │ └── ☁️ GCP (Google Cloud Platform)
│ ├── 🔸 Configuration Management
│ │ ├── 🤖 Ansible
│ │ ├── 🎭 Puppet
│ │ ├── 🍴 Chef
│ │ └── 🧂 SaltStack
│ └── 🔸 High Availability
│ ├── 🔗 Clustering (Pacemaker, Corosync)
│ ├── ⚖️ Load Balancing (HAProxy, Nginx)
│ └── 🔄 Backup and Disaster Recovery
├── 🔹 Monitoring and Performance
│ ├── 🔸 System Monitoring
│ │ ├── 🔧 Tools (Nagios, Zabbix, Prometheus, Grafana)
│ │ └── 📝 Log Management (ELK Stack, Graylog)
│ ├── 🔸 Performance Tuning
│ │ ├── 🧠 CPU and Memory Optimization
│ │ ├── 💾 Disk I/O Performance
│ │ └── 🌐 Network Performance
│ └── 🔸 Troubleshooting
│ ├── 📝 Log Analysis
│ ├── 🔍 Common Issues and Solutions
│ ├── 🚧 Performance Bottlenecks
│ └── 🔧 Kernel Tuning
├── 🔹 Scripting and Automation
│ ├── 🔸 Advanced Scripting
│ │ ├── 📜 Shell Scripting (Advanced)
│ │ ├── 🐍 Python Scripting
│ │ └── 🤖 Task Automation
│ └── 🔸 Infrastructure as Code (IaC)
│ ├── 🌍 Terraform
│ ├── ☁️ CloudFormation
│ └── 🔄 CI/CD Pipelines (Jenkins, GitLab CI)
└── 🔹 Security and Compliance
├── 🔸 Security Best Practices
│ ├── 🔒 System Hardening
│ └──🔄 Regular Updates and Patching
└── 🔍 Security Auditing Tools (e.g., Lynis, OpenVAS)
├── 🔹 Foundations
│ ├── 🔸 Basic Linux Concepts
│ │ ├── 📂 File System Hierarchy
│ │ ├── 🔑 Permissions and Ownership
│ │ ├── 🔄 Processes and Daemons
│ │ └── 🖥️ Basic Commands (ls, cd, cp, mv, rm, etc.)
│ ├── 🔸 Shell and Scripting
│ │ ├── 📝 Bash Scripting
│ │ ├── 🔧 Basic Automation
│ │ └── 🛠️ Common Shell Commands (grep, awk, sed)
│ ├── 🔸 Networking Fundamentals
│ │ ├── 🌐 TCP/IP Stack
│ │ ├── 🌍 DNS Configuration
│ │ ├── 🔌 Network Interfaces
│ │ └── 🛠️ Basic Network Troubleshooting (ping, traceroute, netstat)
│ └── 🔸 System Installation and Configuration
│ ├── 💿 Installation Methods (ISO, PXE)
│ ├── 🗂️ Disk Partitioning and File Systems
│ └── 🔒 Initial Configuration and Hardening
├── 🔹 System Administration
│ ├── 🔸 User and Group Management
│ │ ├── 👤 User Accounts
│ │ ├── 👥 Group Policies
│ │ └── 🔑 sudo Configuration
│ ├── 🔸 Package Management
│ │ ├── 📦 RPM and YUM (RHEL/CentOS)
│ │ ├── 📦 APT (Debian/Ubuntu)
│ │ └── 🔧 Compiling from Source
│ ├── 🔸 Process Management
│ │ ├── 🔄 Systemd and Init
│ │ ├── 👀 Monitoring and Controlling Processes
│ │ └── 🕒 Crontab and Scheduled Tasks
│ ├── 🔸 Filesystem Management
│ │ ├── 🗂️ Mounting and Unmounting File Systems
│ │ ├── 📁 NFS and Samba
│ │ └── 📊 Disk Quotas
│ └── 🔸 Security
│ ├── 🔥 Firewalls (iptables, firewalld)
│ ├── 🛡️ SELinux and AppArmor
│ ├── 🔒 SSH Configuration and Hardening
│ └── 📝 Auditing and Logging
├── 🔹 Networking and Services
│ ├── 🔸 Network Configuration
│ │ ├── 🌐 Static and Dynamic IP Addressing
│ │ ├── 🔌 Network Bonding and Bridging
│ │ └── 📶 VLANs
│ ├── 🔸 Web Services
│ │ ├── 🌐 Apache and Nginx
│ │ ├── 🔐 HTTPS and SSL/TLS
│ │ ├── ↔️ Reverse Proxies
│ │ └── 🛡️ Web Application Firewalls (WAF)
│ ├── 🔸 Database Management
│ │ ├── 💾 MySQL/MariaDB
│ │ ├── 💾 PostgreSQL
│ │ ├── 📂 NoSQL Databases (e.g., MongoDB)
│ │ └── 🔄 Backup and Restore
│ ├── 🔸 Email Services
│ │ ├── ✉️ Postfix and Sendmail
│ │ └── 🚫 Spam Filtering
│ └── 🔸 File and Print Services
│ ├── 📁 Samba
│ ├── 📁 NFS
│ └── 🖨️ CUPS
├── 🔹 Advanced Administration
│ ├── 🔸 Virtualization
│ │ ├── 💻 KVM and QEMU
│ │ ├── 📦 VirtualBox
│ │ └── 🔧 Libvirt
│ ├── 🔸 Containerization
│ │ ├── 🐳 Docker
│ │ ├── ☸️ Kubernetes
│ │ └── 🔧 Podman
│ ├── 🔸 Cloud Computing
│ │ ├── ☁️ AWS
│ │ ├── ☁️ Azure
│ │ ├── ☁️ OpenStack
│ │ └── ☁️ GCP (Google Cloud Platform)
│ ├── 🔸 Configuration Management
│ │ ├── 🤖 Ansible
│ │ ├── 🎭 Puppet
│ │ ├── 🍴 Chef
│ │ └── 🧂 SaltStack
│ └── 🔸 High Availability
│ ├── 🔗 Clustering (Pacemaker, Corosync)
│ ├── ⚖️ Load Balancing (HAProxy, Nginx)
│ └── 🔄 Backup and Disaster Recovery
├── 🔹 Monitoring and Performance
│ ├── 🔸 System Monitoring
│ │ ├── 🔧 Tools (Nagios, Zabbix, Prometheus, Grafana)
│ │ └── 📝 Log Management (ELK Stack, Graylog)
│ ├── 🔸 Performance Tuning
│ │ ├── 🧠 CPU and Memory Optimization
│ │ ├── 💾 Disk I/O Performance
│ │ └── 🌐 Network Performance
│ └── 🔸 Troubleshooting
│ ├── 📝 Log Analysis
│ ├── 🔍 Common Issues and Solutions
│ ├── 🚧 Performance Bottlenecks
│ └── 🔧 Kernel Tuning
├── 🔹 Scripting and Automation
│ ├── 🔸 Advanced Scripting
│ │ ├── 📜 Shell Scripting (Advanced)
│ │ ├── 🐍 Python Scripting
│ │ └── 🤖 Task Automation
│ └── 🔸 Infrastructure as Code (IaC)
│ ├── 🌍 Terraform
│ ├── ☁️ CloudFormation
│ └── 🔄 CI/CD Pipelines (Jenkins, GitLab CI)
└── 🔹 Security and Compliance
├── 🔸 Security Best Practices
│ ├── 🔒 System Hardening
│ └──🔄 Regular Updates and Patching
└── 🔍 Security Auditing Tools (e.g., Lynis, OpenVAS)
👍23❤10🤩1
Complete Ethical Hacking Roadmap
👇👇
1. Introduction to Ethical Hacking
- Definition
- Purpose
- Types of Hackers
- Legal and Ethical Considerations
2. Networking Basics
- TCP/IP
- OSI Model
- Subnetting
- DNS
- DHCP
3. Operating Systems
- Linux
- Windows
- macOS
- Command Line Basics
4. Cybersecurity Fundamentals
- Encryption
- Firewalls
- Antivirus
- IDS/IPS
5. Programming Languages
- Python
- Javanoscript
- Bash Scripting
- SQL
- C/ C++/ Java/ Ruby
6. Scanning and Enumeration
- Port Scanning
- Service Enumeration
- Vulnerability Scanning
7. Exploitation
- Common Vulnerabilities and Exploits
- Metasploit Framework
- Buffer Overflows
8. Web Application Security
- OWASP Top Ten
- SQL Injection
- Cross-Site Scripting (XSS)
9. Wireless Network Hacking
- Wi-Fi Security
- WEP, WPA, WPA2
- Wireless Attacks
10. Social Engineering
- Phishing
- Spear Phishing
- Social Engineering Toolkit (SET)
11. Sniffing and Spoofing
- Man-in-the-Middle Attacks
- ARP Spoofing
- DNS Spoofing
12. Malware Analysis
- Types of Malware
- Sandbox Analysis
- Signature-Based and Behavior-Based Detection
13. Incident Response and Handling
- Incident Response Process
- Digital Forensics
- Chain of Custody
14. Penetration Testing
- Types of Penetration Testing
- Methodology
- Reporting
15. Cryptography
- Symmetric and Asymmetric Encryption
- Hashing Algorithms
- Digital Signatures
16. Mobile Hacking
- Android and iOS Security
- Mobile Application Security
17. Cloud Security
- AWS, Azure, Google Cloud
- Security Best Practices
18. IoT Security
- Internet of Things Risks
- Securing IoT Devices
19. Legal and Compliance
- Computer Fraud and Abuse Act (CFAA)
- GDPR, HIPAA, PCI DSS
20. Cybersecurity Tools
- Nmap, Wireshark, Burp Suite
- Snort, Nessus, Aircrack-ng
21. Career Path and Certifications
- Certified Ethical Hacker (CEH)
- Offensive Security Certified Professional (OSCP)
- CISSP, CompTIA Security+
---------------------------------------------------------
Some good resources to learn Ethical Hacking
1. Tutorials & Courses
- Informarion Security Free Course
- Ethical Hacking Bootcamp
- Network Hacking Course
2. Telegram Channels
- Cyber Security and Ethical Hacking
- Ethical Hacking Books
3. Books
- Ultimate Linux Free Book
- Python for Ethical Hacking
4. Ethical Hacking Forums
Join @free4unow_backup for more free resources
ENJOY LEARNING 👨💻🔒
👇👇
1. Introduction to Ethical Hacking
- Definition
- Purpose
- Types of Hackers
- Legal and Ethical Considerations
2. Networking Basics
- TCP/IP
- OSI Model
- Subnetting
- DNS
- DHCP
3. Operating Systems
- Linux
- Windows
- macOS
- Command Line Basics
4. Cybersecurity Fundamentals
- Encryption
- Firewalls
- Antivirus
- IDS/IPS
5. Programming Languages
- Python
- Javanoscript
- Bash Scripting
- SQL
- C/ C++/ Java/ Ruby
6. Scanning and Enumeration
- Port Scanning
- Service Enumeration
- Vulnerability Scanning
7. Exploitation
- Common Vulnerabilities and Exploits
- Metasploit Framework
- Buffer Overflows
8. Web Application Security
- OWASP Top Ten
- SQL Injection
- Cross-Site Scripting (XSS)
9. Wireless Network Hacking
- Wi-Fi Security
- WEP, WPA, WPA2
- Wireless Attacks
10. Social Engineering
- Phishing
- Spear Phishing
- Social Engineering Toolkit (SET)
11. Sniffing and Spoofing
- Man-in-the-Middle Attacks
- ARP Spoofing
- DNS Spoofing
12. Malware Analysis
- Types of Malware
- Sandbox Analysis
- Signature-Based and Behavior-Based Detection
13. Incident Response and Handling
- Incident Response Process
- Digital Forensics
- Chain of Custody
14. Penetration Testing
- Types of Penetration Testing
- Methodology
- Reporting
15. Cryptography
- Symmetric and Asymmetric Encryption
- Hashing Algorithms
- Digital Signatures
16. Mobile Hacking
- Android and iOS Security
- Mobile Application Security
17. Cloud Security
- AWS, Azure, Google Cloud
- Security Best Practices
18. IoT Security
- Internet of Things Risks
- Securing IoT Devices
19. Legal and Compliance
- Computer Fraud and Abuse Act (CFAA)
- GDPR, HIPAA, PCI DSS
20. Cybersecurity Tools
- Nmap, Wireshark, Burp Suite
- Snort, Nessus, Aircrack-ng
21. Career Path and Certifications
- Certified Ethical Hacker (CEH)
- Offensive Security Certified Professional (OSCP)
- CISSP, CompTIA Security+
---------------------------------------------------------
Some good resources to learn Ethical Hacking
1. Tutorials & Courses
- Informarion Security Free Course
- Ethical Hacking Bootcamp
- Network Hacking Course
2. Telegram Channels
- Cyber Security and Ethical Hacking
- Ethical Hacking Books
3. Books
- Ultimate Linux Free Book
- Python for Ethical Hacking
4. Ethical Hacking Forums
Join @free4unow_backup for more free resources
ENJOY LEARNING 👨💻🔒
👍18❤7👏2🎉1
🖥 100 Web Vulnerabilities, categorized into various types : 😀
⚡️ Injection Vulnerabilities:
1. SQL Injection (SQLi)
2. Cross-Site Scripting (XSS)
3. Cross-Site Request Forgery (CSRF)
4. Remote Code Execution (RCE)
5. Command Injection
6. XML Injection
7. LDAP Injection
8. XPath Injection
9. HTML Injection
10. Server-Side Includes (SSI) Injection
11. OS Command Injection
12. Blind SQL Injection
13. Server-Side Template Injection (SSTI)
⚡️ Broken Authentication and Session Management:
14. Session Fixation
15. Brute Force Attack
16. Session Hijacking
17. Password Cracking
18. Weak Password Storage
19. Insecure Authentication
20. Cookie Theft
21. Credential Reuse
⚡️ Sensitive Data Exposure:
22. Inadequate Encryption
23. Insecure Direct Object References (IDOR)
24. Data Leakage
25. Unencrypted Data Storage
26. Missing Security Headers
27. Insecure File Handling
⚡️ Security Misconfiguration:
28. Default Passwords
29. Directory Listing
30. Unprotected API Endpoints
31. Open Ports and Services
32. Improper Access Controls
33. Information Disclosure
34. Unpatched Software
35. Misconfigured CORS
36. HTTP Security Headers Misconfiguration
⚡️ XML-Related Vulnerabilities:
37. XML External Entity (XXE) Injection
38. XML Entity Expansion (XEE)
39. XML Bomb
⚡️ Broken Access Control:
40. Inadequate Authorization
41. Privilege Escalation
42. Insecure Direct Object References
43. Forceful Browsing
44. Missing Function-Level Access Control
⚡️ Insecure Deserialization:
45. Remote Code Execution via Deserialization
46. Data Tampering
47. Object Injection
⚡️ API Security Issues:
48. Insecure API Endpoints
49. API Key Exposure
50. Lack of Rate Limiting
51. Inadequate Input Validation
⚡️ Insecure Communication:
52. Man-in-the-Middle (MITM) Attack
53. Insufficient Transport Layer Security
54. Insecure SSL/TLS Configuration
55. Insecure Communication Protocols
⚡️ Client-Side Vulnerabilities:
56. DOM-based XSS
57. Insecure Cross-Origin Communication
58. Browser Cache Poisoning
59. Clickjacking
60. HTML5 Security Issues
⚡️ Denial of Service (DoS):
61. Distributed Denial of Service (DDoS)
62. Application Layer DoS
63. Resource Exhaustion
64. Slowloris Attack
65. XML Denial of Service
⚡️ Other Web Vulnerabilities:
66. Server-Side Request Forgery (SSRF)
67. HTTP Parameter Pollution (HPP)
68. Insecure Redirects and Forwards
69. File Inclusion Vulnerabilities
70. Security Header Bypass
71. Clickjacking
72. Inadequate Session Timeout
73. Insufficient Logging and Monitoring
74. Business Logic Vulnerabilities
75. API Abuse
⚡️ Mobile Web Vulnerabilities:
76. Insecure Data Storage on Mobile Devices
77. Insecure Data Transmission on Mobile Devices
78. Insecure Mobile API Endpoints
79. Mobile App Reverse Engineering
⚡️ IoT Web Vulnerabilities:
80. Insecure IoT Device Management
81. Weak Authentication on IoT Devices
82. IoT Device Vulnerabilities
⚡️ Web of Things (WoT) Vulnerabilities:
83. Unauthorized Access to Smart Homes
84. IoT Data Privacy Issues
⚡️ Authentication Bypass:
85. Insecure "Remember Me" Functionality
86. CAPTCHA Bypass
⚡️ Server-Side Request Forgery (SSRF):
87. Blind SSR
88. Time-Based Blind SSRF
⚡️ Content Spoofing:
89. MIME Sniffing
90. X-Content-Type-Options Bypass
91. Content Security Policy (CSP) Bypass
⚡️ Business Logic Flaws:
92. Inconsistent Validation
93. Race Conditions
94. Order Processing Vulnerabilities
95. Price Manipulation
96. Account Enumeration
97. User-Based Flaws
⚡️ Zero-Day Vulnerabilities:
98. Unknown Vulnerabilities
99. Unpatched Vulnerabilities
100. Day-Zero Exploits
➡️ Give 100+ Reactions 😎
⚡️ Injection Vulnerabilities:
1. SQL Injection (SQLi)
2. Cross-Site Scripting (XSS)
3. Cross-Site Request Forgery (CSRF)
4. Remote Code Execution (RCE)
5. Command Injection
6. XML Injection
7. LDAP Injection
8. XPath Injection
9. HTML Injection
10. Server-Side Includes (SSI) Injection
11. OS Command Injection
12. Blind SQL Injection
13. Server-Side Template Injection (SSTI)
⚡️ Broken Authentication and Session Management:
14. Session Fixation
15. Brute Force Attack
16. Session Hijacking
17. Password Cracking
18. Weak Password Storage
19. Insecure Authentication
20. Cookie Theft
21. Credential Reuse
⚡️ Sensitive Data Exposure:
22. Inadequate Encryption
23. Insecure Direct Object References (IDOR)
24. Data Leakage
25. Unencrypted Data Storage
26. Missing Security Headers
27. Insecure File Handling
⚡️ Security Misconfiguration:
28. Default Passwords
29. Directory Listing
30. Unprotected API Endpoints
31. Open Ports and Services
32. Improper Access Controls
33. Information Disclosure
34. Unpatched Software
35. Misconfigured CORS
36. HTTP Security Headers Misconfiguration
⚡️ XML-Related Vulnerabilities:
37. XML External Entity (XXE) Injection
38. XML Entity Expansion (XEE)
39. XML Bomb
⚡️ Broken Access Control:
40. Inadequate Authorization
41. Privilege Escalation
42. Insecure Direct Object References
43. Forceful Browsing
44. Missing Function-Level Access Control
⚡️ Insecure Deserialization:
45. Remote Code Execution via Deserialization
46. Data Tampering
47. Object Injection
⚡️ API Security Issues:
48. Insecure API Endpoints
49. API Key Exposure
50. Lack of Rate Limiting
51. Inadequate Input Validation
⚡️ Insecure Communication:
52. Man-in-the-Middle (MITM) Attack
53. Insufficient Transport Layer Security
54. Insecure SSL/TLS Configuration
55. Insecure Communication Protocols
⚡️ Client-Side Vulnerabilities:
56. DOM-based XSS
57. Insecure Cross-Origin Communication
58. Browser Cache Poisoning
59. Clickjacking
60. HTML5 Security Issues
⚡️ Denial of Service (DoS):
61. Distributed Denial of Service (DDoS)
62. Application Layer DoS
63. Resource Exhaustion
64. Slowloris Attack
65. XML Denial of Service
⚡️ Other Web Vulnerabilities:
66. Server-Side Request Forgery (SSRF)
67. HTTP Parameter Pollution (HPP)
68. Insecure Redirects and Forwards
69. File Inclusion Vulnerabilities
70. Security Header Bypass
71. Clickjacking
72. Inadequate Session Timeout
73. Insufficient Logging and Monitoring
74. Business Logic Vulnerabilities
75. API Abuse
⚡️ Mobile Web Vulnerabilities:
76. Insecure Data Storage on Mobile Devices
77. Insecure Data Transmission on Mobile Devices
78. Insecure Mobile API Endpoints
79. Mobile App Reverse Engineering
⚡️ IoT Web Vulnerabilities:
80. Insecure IoT Device Management
81. Weak Authentication on IoT Devices
82. IoT Device Vulnerabilities
⚡️ Web of Things (WoT) Vulnerabilities:
83. Unauthorized Access to Smart Homes
84. IoT Data Privacy Issues
⚡️ Authentication Bypass:
85. Insecure "Remember Me" Functionality
86. CAPTCHA Bypass
⚡️ Server-Side Request Forgery (SSRF):
87. Blind SSR
88. Time-Based Blind SSRF
⚡️ Content Spoofing:
89. MIME Sniffing
90. X-Content-Type-Options Bypass
91. Content Security Policy (CSP) Bypass
⚡️ Business Logic Flaws:
92. Inconsistent Validation
93. Race Conditions
94. Order Processing Vulnerabilities
95. Price Manipulation
96. Account Enumeration
97. User-Based Flaws
⚡️ Zero-Day Vulnerabilities:
98. Unknown Vulnerabilities
99. Unpatched Vulnerabilities
100. Day-Zero Exploits
➡️ Give 100+ Reactions 😎
👍15🤩14❤5👏2🎉2
💎18 Websites To Learn Linux For FREE💎
1. nixCraft
2. Tecmint
3. Linuxize
4. It’s FOSS
5. Linux Hint
6. LinuxOPsys
7. Linux Journey
8. Linux Academy
9. Linux Survival
10. Linux Command
11. Ryan’s Tutorials
12. Linux Handbook
13. Linux FoundationX
14. LabEx Linux For Noobs
15. Guru99 Linux Tutorial Summary
16. Conquering the command line
17. Intellipat Linux Tutorial for Beginners
18. The Debian Administrators Handbook
➡️ Give Reactions 🙌
1. nixCraft
2. Tecmint
3. Linuxize
4. It’s FOSS
5. Linux Hint
6. LinuxOPsys
7. Linux Journey
8. Linux Academy
9. Linux Survival
10. Linux Command
11. Ryan’s Tutorials
12. Linux Handbook
13. Linux FoundationX
14. LabEx Linux For Noobs
15. Guru99 Linux Tutorial Summary
16. Conquering the command line
17. Intellipat Linux Tutorial for Beginners
18. The Debian Administrators Handbook
➡️ Give Reactions 🙌
❤34🎉6👍5🤩2
🗺 Change your IP in every 10 seconds📍
Unlock a new level of online privacy and security with gr33n37 IP Changer! 🌐💻
🖥 Github link - (https://github.com/gr33n37/gr33n37-ip-changer)
🛡️ Give 100+ Reactions 🤟
Unlock a new level of online privacy and security with gr33n37 IP Changer! 🌐💻
This powerful tool allows you to alter your IP address effortlessly, enhancing your digital anonymity and safeguarding your online activities. Whether you’re browsing privately, accessing geo-restricted content, or protecting against surveillance, gr33n37 IP Changer ensures your internet experience remains secure and unrestricted. Embrace the freedom to explore the web without boundaries.
🖥 Github link - (https://github.com/gr33n37/gr33n37-ip-changer)
🛡️ Give 100+ Reactions 🤟
👏21👍8🤩3❤1
What is a Birthday Attack? 🎂🔓
In cryptography, a birthday collision attack is a phenomenon where two different pieces of data end up with the same hash value. Here's a simple analogy to make it clear:
Imagine you’re in a room with 23 people. You might think it’s unlikely for two people to have the same birthday, but in reality, there's about a 50% chance! This surprising result is known as the birthday paradox. 🍰
Similarly, in the world of cryptography, a birthday collision happens when two different messages produce the same hash value much sooner than you'd expect. 🔓
This can be a vulnerability because it allows attackers to find two distinct inputs that hash to the same output, potentially causing security breaches. ⚠
To safeguard against such attacks, it's important to use cryptographic algorithms with a large hash size, making collisions extremely rare and difficult to achieve.
In cryptography, a birthday collision attack is a phenomenon where two different pieces of data end up with the same hash value. Here's a simple analogy to make it clear:
Imagine you’re in a room with 23 people. You might think it’s unlikely for two people to have the same birthday, but in reality, there's about a 50% chance! This surprising result is known as the birthday paradox. 🍰
Similarly, in the world of cryptography, a birthday collision happens when two different messages produce the same hash value much sooner than you'd expect. 🔓
This can be a vulnerability because it allows attackers to find two distinct inputs that hash to the same output, potentially causing security breaches. ⚠
To safeguard against such attacks, it's important to use cryptographic algorithms with a large hash size, making collisions extremely rare and difficult to achieve.
👍20❤5
COMPLETE BUG BOUNTY TOOL LIST
dnscan https://github.com/rbsec/dnscan
Knockpy https://github.com/guelfoweb/knock
Sublist3r https://github.com/aboul3la/Sublist3r
massdns https://github.com/blechschmidt/massdns
nmap https://nmap.org
masscan https://github.com/robertdavidgraham/masscan
EyeWitness https://github.com/ChrisTruncer/EyeWitness
DirBuster https://sourceforge.net/projects/dirbuster/
dirsearch https://github.com/maurosoria/dirsearch
Gitrob https://github.com/michenriksen/gitrob
git-secrets https://github.com/awslabs/git-secrets
sandcastle https://github.com/yasinS/sandcastle
bucketfinder https://digi.ninja/projects/bucket\finder.php
GoogD0rker https://github.com/ZephrFish/GoogD0rker/
Wayback Machine https://web.archive.org
waybackurls https://gist.github.com/mhmdiaa/adf6bff70142e5091792841d4b372050
Sn1per https://github.com/1N3/Sn1per/
XRay https://github.com/evilsocket/xray
wfuzz https://github.com/xmendez/wfuzz/
patator https://github.com/lanjelot/patator
datasploit https://github.com/DataSploit/datasploit
hydra https://github.com/vanhauser-thc/thc-hydra
changeme https://github.com/ztgrace/changeme
MobSF https://github.com/MobSF/Mobile-Security-Framework-MobSF/
Apktool https://github.com/iBotPeaches/Apktool
dex2jar https://sourceforge.net/projects/dex2jar/
sqlmap http://sqlmap.org/
oxmlxxe https://github.com/BuffaloWill/oxml\xxe/
XXE Injector https://github.com/enjoiz/XXEinjector
The JSON Web Token Toolkit https://github.com/ticarpi/jwt_tool
ground-control https://github.com/jobertabma/ground-control
ssrfDetector https://github.com/JacobReynolds/ssrfDetector
LFISuit https://github.com/D35m0nd142/LFISuite
GitTools https://github.com/internetwache/GitTools
dvcs-ripper https://github.com/kost/dvcs-ripper
tko-subs https://github.com/anshumanbh/tko-subs
HostileSubBruteforcer https://github.com/nahamsec/HostileSubBruteforcer
Race the Web https://github.com/insp3ctre/race-the-web
ysoserial https://github.com/GoSecure/ysoserial
PHPGGC https://github.com/ambionics/phpggc
CORStest https://github.com/RUB-NDS/CORStest
retire-js https://github.com/RetireJS/retire.js
getsploit https://github.com/vulnersCom/getsploit
Findsploit https://github.com/1N3/Findsploit
bfac https://github.com/mazen160/bfac
WPScan https://wpscan.org/
CMSMap https://github.com/Dionach/CMSmap
Amass https://github.com/OWASP/Amass
Extra Tools
http://projectdiscovery.io
dnscan https://github.com/rbsec/dnscan
Knockpy https://github.com/guelfoweb/knock
Sublist3r https://github.com/aboul3la/Sublist3r
massdns https://github.com/blechschmidt/massdns
nmap https://nmap.org
masscan https://github.com/robertdavidgraham/masscan
EyeWitness https://github.com/ChrisTruncer/EyeWitness
DirBuster https://sourceforge.net/projects/dirbuster/
dirsearch https://github.com/maurosoria/dirsearch
Gitrob https://github.com/michenriksen/gitrob
git-secrets https://github.com/awslabs/git-secrets
sandcastle https://github.com/yasinS/sandcastle
bucketfinder https://digi.ninja/projects/bucket\finder.php
GoogD0rker https://github.com/ZephrFish/GoogD0rker/
Wayback Machine https://web.archive.org
waybackurls https://gist.github.com/mhmdiaa/adf6bff70142e5091792841d4b372050
Sn1per https://github.com/1N3/Sn1per/
XRay https://github.com/evilsocket/xray
wfuzz https://github.com/xmendez/wfuzz/
patator https://github.com/lanjelot/patator
datasploit https://github.com/DataSploit/datasploit
hydra https://github.com/vanhauser-thc/thc-hydra
changeme https://github.com/ztgrace/changeme
MobSF https://github.com/MobSF/Mobile-Security-Framework-MobSF/
Apktool https://github.com/iBotPeaches/Apktool
dex2jar https://sourceforge.net/projects/dex2jar/
sqlmap http://sqlmap.org/
oxmlxxe https://github.com/BuffaloWill/oxml\xxe/
XXE Injector https://github.com/enjoiz/XXEinjector
The JSON Web Token Toolkit https://github.com/ticarpi/jwt_tool
ground-control https://github.com/jobertabma/ground-control
ssrfDetector https://github.com/JacobReynolds/ssrfDetector
LFISuit https://github.com/D35m0nd142/LFISuite
GitTools https://github.com/internetwache/GitTools
dvcs-ripper https://github.com/kost/dvcs-ripper
tko-subs https://github.com/anshumanbh/tko-subs
HostileSubBruteforcer https://github.com/nahamsec/HostileSubBruteforcer
Race the Web https://github.com/insp3ctre/race-the-web
ysoserial https://github.com/GoSecure/ysoserial
PHPGGC https://github.com/ambionics/phpggc
CORStest https://github.com/RUB-NDS/CORStest
retire-js https://github.com/RetireJS/retire.js
getsploit https://github.com/vulnersCom/getsploit
Findsploit https://github.com/1N3/Findsploit
bfac https://github.com/mazen160/bfac
WPScan https://wpscan.org/
CMSMap https://github.com/Dionach/CMSmap
Amass https://github.com/OWASP/Amass
Extra Tools
http://projectdiscovery.io
👍16❤4
Useful Run Commands Every Windows User Should Know
Press Win + R on your ⌨️ to open the Run dialog box and enter any of 👇 commands to access the respective tool.
🔹 "." - the user's folder.
🔹 ".." - user folder.
🔹 "control" - control panel.
🔹 "msconfig" - system configuration parameters.
🔹 "appwiz.cpl" - programs and components.
🔹 "cleanmgr" - a disk cleaning utility.
🔹 "resmon" - resource monitor.
🔹 "calc", "notepad", "mspaint" - calculator, notepad and paint.
🔹 "main.cpl" - mouse parameters.
🔹 "mstsc" - remote desktop.
🔹 "msinfo32" - system information.
🔹 wab - Contacts.
🔹 dccw - Display Color Calibration.
🔹 desk.cpl - Display Settings.
➡️ Give Reactions 🤟
Press Win + R on your ⌨️ to open the Run dialog box and enter any of 👇 commands to access the respective tool.
🔹 "." - the user's folder.
🔹 ".." - user folder.
🔹 "control" - control panel.
🔹 "msconfig" - system configuration parameters.
🔹 "appwiz.cpl" - programs and components.
🔹 "cleanmgr" - a disk cleaning utility.
🔹 "resmon" - resource monitor.
🔹 "calc", "notepad", "mspaint" - calculator, notepad and paint.
🔹 "main.cpl" - mouse parameters.
🔹 "mstsc" - remote desktop.
🔹 "msinfo32" - system information.
🔹 wab - Contacts.
🔹 dccw - Display Color Calibration.
🔹 desk.cpl - Display Settings.
➡️ Give Reactions 🤟
👍24❤6