I am really enjoying been part of the Cyber Security community, but if you make a game that resembles the Crystal Maze and Cyber Security … I am going to flip out !!!!!
Now I am going to be straight with you …. pappy needz hiz fix, I am writing this blog to try and win more gold tickets…
… But I have writern and used TryHackMe.com in the past and the platform, I can honestly credit the site as a major reason I moved into Cyber Security as a career.
It started last year when searching for Security training…
It is not a replacement for this course, it is just my notes, more written information can be found here:-
I have used some of the notes from git hub and I used Postman web –
Postman Web link — https://web.postman.co/home
First API request via Postman …
Workspace > Open a new Tab > Past in the API URL > Add “/status” at the end of the URL
Click the “send” button and it will return the status
I am working through some of the rooms to help develop my skills on TryHackMe, below is a walk through for this room https://tryhackme.com/room/basicpentestingjt
Use NMAP to find open ports
sudo nmap IP ADDRESS
To look for hidden directories, we will be using OWASP DirBuster, to start the application in a terminal type: –
To find out when a Linux account’s password was last changed, you can view the shadow file in the terminal as root: -
sudo cat /etc/shadow
This will bring up the accounts and hashed passwords in the terminal, the third value is the date the password was changed.
NAME : $6$.n. : 18611
To work out the date the password was changed you need to find out how many days since the epoch date (‘epoch’ is often used as a synonym for Unix time) January 1, 1970.
So the the above (18611) is Tuesday, December 15, 2020.
Nessus Essentials is a free vulnerability assessment tool for upto 16 IP address. The free version comes with some excellent and free tools:-
STEP 2 — You then need to “get activation Code”
STEP 3 — Installed as default, once the installation has been completed, your default browser will bring up the following web page:- http://localhost:8834/WelcomeToNessus-Install/welcome
STEP 4 — It will ask you connect via SSL but there is no cert install by default, so go to “advanced” > “accept the risk and continue”
STEP 5 — Select a product > Nessus Essentials
STEP 6 —…
Appsheets allows users to create “no-code” applications to collect and/or connect to data. It is very similar to PowerApps from Microsoft and allows users to create mobile, tablet and web apps. AppSheets has been purchased by Google but can use data sources like DropBox, Office 365, Salesforce and more.
Create a new … login to AppSheets via a browser.
Info — in this example I have used a template …
As a total Noob to Python, it may seem a pretty simple to add date to the end of a file name … but it took me an hour to work it out *facepalm inserted here*
First in my script, I imported the “date” portion of the from the “datetime” libary,
from datetime import date
today = date.today()
print("Today's date:", today)
When creating the file (and this is the bit that took me an hour to find), you will need to set a verable which uses “today”
Date = (today)
Once you have set the date you can add this…
Below are some notes I made to help prepare me for the SY0–501 exam which I passed on the 30th December 2020 …
RC4 — is a streaming cipher algorithm that encodes plain text bit by bit.
Bycrypt Algorithm — is based on the blowfish cipher and is a key stretching tech that helps strenghten the password by using a password hashing function and then salting the password.
CASB (Cloud Access Secuirty Broker) — can be deployed in three different ways –
When using iFrame in a web page it is important to configure it as a sandbox and set only the attributes need to run.
The below infromation and sandbox attributes can be found here … https://www.w3schools.com/tags/att_iframe_sandbox.asp
“The sandbox attribute enables an extra set of restrictions for the content in the iframe.
When the sandbox attribute is present, and it will: