securityblog

Privacy Policy for securityblog At read it gain it , accessible from https://readitgainit.blogspot.com/, one of our main priorities is the privacy of our visitors. This Privacy Policy document contains types of information that is collected and recorded by read it gain it and how we use it. If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us. This Privacy Policy applies only to our online activities and is valid for visitors to our website with regards to the information that they shared and/or collect in read it gain it . This policy is not applicable to any information collected offline or via channels other than this website. Consent By using our website, you hereby consent to our Privacy Policy and agree to its terms. Information we collect The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to prov...

Loading…

  Beginner BUG BOUNTY Tools part-3 Here is our third part. I’ve got good response for bug bounty tools for part 1&2 . So, I’ve managed to write this third blog To find a bug in a website we should know how the website is build and how the technology is build .To resolve this i have some automated tools and ill drop their link below wappalyzer  — Identify technology on websites. webanalyze  — Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning. python-builtwith  — BuiltWith API client whatweb  — Next generation web scanner retire.js  — scanner detecting the use of JavaScript libraries with known vulnerabilities httpx  — httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads. fingerprintx  — fingerprintx is a standalone utility for service discovery on open ports that works well with other popular bug bounty command line to...

  NGROK(How to host our website using Ngrok) Smrithi P  ,one of my follower has requested me to write this blog ,sorry for the delay atlast i made it for you Initially download ngrok from its offical website, download here After downloading open your Terminal in kali linux. After opening terminal,change the directory to douwnloads By using the command cd Downloads After that use this command to unzip tar -xvzf ngrok-v3-stable-linux-amd64.tgz the example is mentioned below After that create a account ,if you had a account login using it once you loggedin it redirects to a page as mentioned below then click the authtoken option Then copy the command and paste it on the terminal Dont forget to add ./ before it to test if it is working after that it shows like this click the web interface url and it redirects to browser and again shows a link and if you click that it shows like this to solve this problem we must run apache service by this command 1)sudo servi...

 BEGINNER BUG BOUNTY TOOLS PART 2 Port Scanning Port scanning is the process of systematically scanning a network or a host to discover open ports and services that are available for communication. Ports are communication endpoints used in networking, and each port is associated with a specific service or protocol. Port scanning is a common technique used in network reconnaissance and security assessments, both for legitimate purposes like network troubleshooting and for potentially malicious activities like identifying vulnerable services. This this definition given by chatgpt     let us see some port scanning tool used for bug bounty masscan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. RustScan - The Modern Port Scanner naabu - A fast port scanner written in go with focus on reliability and simplicity. nmap - Nmap - the Network Mapper. Github mirror of official SVN repository.   If you are using kali linux...

 BEGINNER BUG BOUNTY TOOLS PART-1 Subdomain Enumeration:     Subdomain enumeration, also known as subdomain discovery or subdomain reconnaissance, is the process of finding subdomains associated with a domain. Subdomains are part of a larger domain and can represent specific services, departments, or functions within an organization. Enumerating subdomains can be important for various purposes, including security assessments, web application testing, and domain management. Tools with Description Sublist3r - Fast subdomains enumeration tool for penetration testers Amass - In-depth Attack Surface Mapping and Asset Discovery massdns - A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration) Findomain - The fastest and cross-platform subdomain enumerator, do not waste your time. Sudomy - Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug huntin...

 PlayItSafe google cyber security professional course 2 (COURSERA) 1)More about the CISSP security domains-practice quiz      2)Navigate threats, risks, and vulnerabilities- quiz 3)weeklychallenge-1                       4)Test your knowledge: More about frameworks and controls-quiz 5)Test your knowledge: The CIA triad-quiz Test your knowledge: NIST frameworks Test your knowledge: OWASP principles and security audits Weekly challenge 2 Practice Quiz: Test your knowledge: Security information and event management (SIEM) dashboards Test your knowledge: Identify threats and vulnerabilities with SIEM tools Weekly challenge 3 Test your knowledge: Incident response Test your knowledge: Use a playbook to respond to an incident Weekly challenge 4 Hey guys this blog contains all answers of coursera 's google cyber security professional certification quiz answers.