Working on bruteforce tool using python to understand how does it actually work ..will share it once it is done
🔥4
kid cyber
Working on bruteforce tool using python to understand how does it actually work ..will share it once it is done
here simple bruetforce tool we just provide username, password list, url , and string that show up when invalid credentials are provided.
and the dictionary is for form fields which the server expects we will provide for post method later
we have to inspect and look at the form fieldset it might say user instead of username so we have to check that out otherwise it won't work
and the response.decode part that function returns raw byte so to compare it with the above string we have to decode it (we can use just response.text too)
last one the password list file have to be in the same directory/folder with the tool
disclaimer: try only in intentionally vulnerable website (like i used metasploitable2 dvwa vulnweb)
any comment on it
and the dictionary is for form fields which the server expects we will provide for post method later
we have to inspect and look at the form fieldset it might say user instead of username so we have to check that out otherwise it won't work
and the response.decode part that function returns raw byte so to compare it with the above string we have to decode it (we can use just response.text too)
last one the password list file have to be in the same directory/folder with the tool
disclaimer: try only in intentionally vulnerable website (like i used metasploitable2 dvwa vulnweb)
any comment on it
🔥5❤2👍1
Forwarded from The Hacker News
🔥 New npm attack DETECTED!
A campaign dubbed “Sha1-Hulud: The Second Coming” has compromised hundreds of packages and over 25,000 GitHub repos.
The code runs during install, steals cloud logins, and if that fails, it deletes the user’s home folder.
Read more ↓ https://thehackernews.com/2025/11/second-sha1-hulud-wave-affects-25000.html
A campaign dubbed “Sha1-Hulud: The Second Coming” has compromised hundreds of packages and over 25,000 GitHub repos.
The code runs during install, steals cloud logins, and if that fails, it deletes the user’s home folder.
Read more ↓ https://thehackernews.com/2025/11/second-sha1-hulud-wave-affects-25000.html
❤2🔥1
Forwarded from Frectonz
Devtopia is back with another interview. This one is with kinfish (@kinfishfarms). It ended up being our longest episode to date.
We talked about a lot of cool stuff, hope you enjoy the episode, also thank you kinfish for being on the episode.
[Devtopia - E04 - Kinfish]
We talked about a lot of cool stuff, hope you enjoy the episode, also thank you kinfish for being on the episode.
[Devtopia - E04 - Kinfish]
YouTube
Devtopia - E04 - Kinfish (Better Auth, Farm UI)
In this episode Kinfish joins us to talk about JS web frameworks, JS build systems and the general ecosystem at large. We also talk about how he got into the world of programming. We also talk about how he joined Better Auth and the company's journey till…
❤5
https://youtube.com/shorts/lax6vdOko20?si=1IovYrPZjuiRK18j
Hack the box released their new certification CJCA : certified cybersecurity junior associate
Hack the box released their new certification CJCA : certified cybersecurity junior associate
YouTube
Forcing My Kids to Become Hackers (It Actually Worked)
Get the certification yourself: https://ntck.co/htb_cjcaSign up for the giveaway: https://ntck.co/htb_giveaway
❤4👍1
This media is not supported in your browser
VIEW IN TELEGRAM
After missing the easiest question known ever 😭
Why is the easiest exams are actually the worst ?🙄
Why is the easiest exams are actually the worst ?🙄
😭5💯2❤1
Forwarded from AASTU CSC (ㅤ)
🔥 Cyber Night Alert!
Tonight, we’re bringing the heat with a special guest—an impact-driven woman making serious waves in security.
🔐 AppSec & API Security Specialist
🕵️ Pentester
💼 Cybersecurity Presales
🎓 CASA, ACP
🌐 APISec U Ambassador
👥 ECySA Member
🕑 Cyber Night Session – Tonight
Don’t miss the energy, the knowledge, and the inspiration.
linkedin
#AASTUCyberClub #CyberNight #WomenInCyber
@AASTU_CyberClub
Tonight, we’re bringing the heat with a special guest—an impact-driven woman making serious waves in security.
🔐 AppSec & API Security Specialist
🕵️ Pentester
💼 Cybersecurity Presales
🎓 CASA, ACP
🌐 APISec U Ambassador
👥 ECySA Member
🕑 Cyber Night Session – Tonight
Don’t miss the energy, the knowledge, and the inspiration.
where : here on telegram
when : tonight 2:30 pm local time
#AASTUCyberClub #CyberNight #WomenInCyber
@AASTU_CyberClub
❤2🔥2
AASTU CSC
🔥 Cyber Night Alert! Tonight, we’re bringing the heat with a special guest—an impact-driven woman making serious waves in security. 🔐 AppSec & API Security Specialist 🕵️ Pentester 💼 Cybersecurity Presales 🎓 CASA, ACP 🌐 APISec U Ambassador 👥 ECySA Member …
had a good time
discussed about : api security ig it is rare somehow compared to those common fields
she said " joining community and having mentor (specially having mentor) helps u to succeed in this field "
discussed about : api security ig it is rare somehow compared to those common fields
she said " joining community and having mentor (specially having mentor) helps u to succeed in this field "
❤4
Forwarded from Buna Byte Cybersecurity
⚡️Advent of Cyber 2025 Starts Tomorrow!
#TryHackMe annual Advent of Cyber kicks off in just one day, bringing a full month of free, beginner-friendly cybersecurity challenges designed to help you build real, practical hacking skills.
📅 Starts: Tomorrow
💰 Cost: Free
🎯 Skill Level: All levels — especially beginners
Join in, sharpen your skills, and make this December a month of continuous learning.
👉 Start here: https://tryhackme.com/adventofcyber25
@bunabytecs
#TryHackMe annual Advent of Cyber kicks off in just one day, bringing a full month of free, beginner-friendly cybersecurity challenges designed to help you build real, practical hacking skills.
📅 Starts: Tomorrow
💰 Cost: Free
🎯 Skill Level: All levels — especially beginners
Join in, sharpen your skills, and make this December a month of continuous learning.
👉 Start here: https://tryhackme.com/adventofcyber25
@bunabytecs
❤3🔥3
Buna Byte Cybersecurity
⚡️Advent of Cyber 2025 Starts Tomorrow! #TryHackMe annual Advent of Cyber kicks off in just one day, bringing a full month of free, beginner-friendly cybersecurity challenges designed to help you build real, practical hacking skills. 📅 Starts: Tomorrow…
Helps a lot specially for beginners i just have done the warm up and still 3 rooms to go from released ones
It doesn't matter when u do the rooms what matters to win the prize is having more points at the end , if u do all the rooms u will get the certificate after 24 days
Will post what each room is about
The warm up room: was about basic linux commands , looking for suspicious emails, files and the first defense of cyber attack strengthing ur password .....
Should i continue posting this?
It doesn't matter when u do the rooms what matters to win the prize is having more points at the end , if u do all the rooms u will get the certificate after 24 days
Will post what each room is about
The warm up room: was about basic linux commands , looking for suspicious emails, files and the first defense of cyber attack strengthing ur password .....
Should i continue posting this?
💯3❤2
This media is not supported in your browser
VIEW IN TELEGRAM
next time when u think to do a project consider these
🔥7
kid cyber
Helps a lot specially for beginners i just have done the warm up and still 3 rooms to go from released ones It doesn't matter when u do the rooms what matters to win the prize is having more points at the end , if u do all the rooms u will get the certificate…
continued
let's do the rooms together
https://tryhackme.com/room/linuxcli-aoc2025-o1fpqkvxti
DAY 1:
- basics linux commands
such as ls, cd , grep(to find a text in a file) , find (to find a file with certain parameter provided) , and others
- what are some file systems in linux actually hold
such as /var/log/, a Linux directory where all security events (logs) are stored etc....
if u get stack u can get a video guide in the first page
let's do the rooms together
https://tryhackme.com/room/linuxcli-aoc2025-o1fpqkvxti
DAY 1:
- basics linux commands
such as ls, cd , grep(to find a text in a file) , find (to find a file with certain parameter provided) , and others
- what are some file systems in linux actually hold
such as /var/log/, a Linux directory where all security events (logs) are stored etc....
if u get stack u can get a video guide in the first page
TryHackMe
Linux CLI - Shells Bells
Explore the Linux command-line interface and use it to unveil Christmas mysteries.
❤5
continued
let's do the rooms together
https://tryhackme.com/room/phishing-aoc2025-h2tkye9fzU
DAY 2: was about
Understand what social engineering is
Learn the types of phishing
Explore how red teams create fake login pages
Use the Social-Engineer Toolkit to send a phishing email
Unfortunately, phishing attacks are becoming harder to spot so try to remember this word always : S.T.O.P
Suspicious?
Telling me to click something?
Offering me an amazing deal?
Pushing me to do something now?
the other mnemonic
Slow down. Scammers run on your adrenaline.
Type the address yourself. Don’t use the message’s link.
Open nothing unexpected. Verify first.
Prove the sender. Check the real From address/number, not just the display name.
let's do the rooms together
https://tryhackme.com/room/phishing-aoc2025-h2tkye9fzU
DAY 2: was about
Understand what social engineering is
Learn the types of phishing
Explore how red teams create fake login pages
Use the Social-Engineer Toolkit to send a phishing email
Unfortunately, phishing attacks are becoming harder to spot so try to remember this word always : S.T.O.P
Suspicious?
Telling me to click something?
Offering me an amazing deal?
Pushing me to do something now?
the other mnemonic
Slow down. Scammers run on your adrenaline.
Type the address yourself. Don’t use the message’s link.
Open nothing unexpected. Verify first.
Prove the sender. Check the real From address/number, not just the display name.
TryHackMe
Phishing - Merry Clickmas
Learn how to use the Social-Engineer Toolkit to send phishing emails.
❤4
Forwarded from Channel Unwrapped
Channel summary for 2025
your top preforming post of the year is https://news.1rj.ru/str/kiddev13/152
your top preforming post of the year is https://news.1rj.ru/str/kiddev13/152
❤5
continued
let's do the rooms together
https://tryhackme.com/room/splunkforloganalysis-aoc2025-x8fj2k4rqp
DAY 3: was about
learning objectives
- Ingest and interpret custom log data in Splunk
- Create and apply custom field extractions
- Use Search Processing Language (SPL) to filter and refine search results
- Conduct an investigation within Splunk to uncover key insights
let's do the rooms together
https://tryhackme.com/room/splunkforloganalysis-aoc2025-x8fj2k4rqp
DAY 3: was about
learning objectives
- Ingest and interpret custom log data in Splunk
- Create and apply custom field extractions
- Use Search Processing Language (SPL) to filter and refine search results
- Conduct an investigation within Splunk to uncover key insights
TryHackMe
Splunk Basics - Did you SIEM?
Learn how to ingest and parse custom log data using Splunk.
❤4
continued
let's do day 4 it is interesting and short
https://tryhackme.com/room/AIforcyber-aoc2025-y9wWQ1zRgB
DAY 4: consideration of AI in cybersecurity
learning objectives
Learning Objectives
How AI can be used as an assistant in cyber security for a variety of roles, domains and tasks
Using an AI assistant to solve various tasks within cyber security
Some of the considerations, particularly in cyber security, surrounding the use of AI
the usage of ai in offensive security , defensive security and software development
let's do day 4 it is interesting and short
https://tryhackme.com/room/AIforcyber-aoc2025-y9wWQ1zRgB
DAY 4: consideration of AI in cybersecurity
learning objectives
Learning Objectives
How AI can be used as an assistant in cyber security for a variety of roles, domains and tasks
Using an AI assistant to solve various tasks within cyber security
Some of the considerations, particularly in cyber security, surrounding the use of AI
the usage of ai in offensive security , defensive security and software development
TryHackMe
AI in Security - old sAInt nick
Unleash the power of AI by exploring it's uses within cyber security.
❤3
Forwarded from The Hacker News
⚠️ Researchers found malicious packages in VS Code, Go, npm, and Rust stealing developer data.
They mimicked themes, AI tools, and libraries to grab screenshots, Wi-Fi passwords, and browser cookies.
🔗 Find details here ↓ https://thehackernews.com/2025/12/researchers-find-malicious-vs-code-go.html
They mimicked themes, AI tools, and libraries to grab screenshots, Wi-Fi passwords, and browser cookies.
🔗 Find details here ↓ https://thehackernews.com/2025/12/researchers-find-malicious-vs-code-go.html
❤2