fa
Feedback
Bug Bounty - GitBook

Bug Bounty - GitBook

رفتن به کانال در Telegram
7 470
مشترکین
+1024 ساعت
+417 روز
+18130 روز
آرشیو پست ها
Parrot_Security_OS_A_Debian_Based_Distro_for_Penetration_Testing.mhtml

SANS_SEC542.pdf66.89 MB

توییت برنامه نویسی 👀🖥 @DevsTweet

🔔 قابل توجه علاقه مندان به امنیت : ​ 👁‍🗨 شرکت سورین جهت تکمیل تیم فنی مرکز عملیات امنیت (SOC)، به دنبال جذب همکاری با مشخصات ذیل میباشد: 💻نیازمندی‌ها آشنایی با مفاهیم امنیت شبکه و سیستم عامل آشنایی با مهمترین تهدیدات و حملات سایبری آشنایی با لاگ تجهیزات امنیتی آشنایی با حداقل یک SIEM دارای روحیه کار تیمی و علاقه مند به یادگیری حداقل یک سال سابقه کار مرتبط ▫️شرح شغلی رصد و پایش رخداد های سایبری به صورت شیفتی گزارش نویسی(مستند سازی) 📃ارسال رزومه به : لینکدین سورین یا آدرس ایمیل soorinsec.ir@gmail.com تیم سورین

OSINT Cheat Sheets Collection.pdf35.29 MB

photo content

What is a cookie? There is a data that is automatically set by the web server to our browser. What does it do now? Suppose you enter Digikala website and register for the first time. Now, after that, you put away the device you used to log in to DigiKala and after a few days you go to the DigiKala site again, but now the login page no longer appears for you and you have direct access to your account, but how? In simple terms, I want to say that DigiKala remembers our products and does not ask for your email or password anymore. This can be done by using cookies. A cookie is a string that, as long as it is on your device, means authentication and your access (privilege) without logging in to the website. It has a series of flags that specify how to work: (At the end, I will tell you the syntax of using these flags) 1- domain It means setting a cookie in a specified domain. 2-path It means setting a cookie in specific routes on a website. For example, suppose a website has several routes: site.com/login site.com/class It can be specified with the path flag, for example, to set a cookie only for /login! 3- Secure A cookie is set only for the HTTPs protocol. 4 - HttpOnly This flag will only set cookies for the HTTP protocol, HTTPs, and only they can access the cookies. In other words, different third parties such as extensions or Javascript codes cannot select them and use them. 5- Samesite This flag specifies whether to transfer cookies only for the same origin. Let me first explain what happens when a cookie is transferred from one site to another. Suppose I am a hacker and I have a website where you enter the website, there is a series of html codes on my site that makes us send requests to different sites (it can be with different tags such as: iframe, image, script) In the script, a feature called xmlHttpRequest is used, which I will tell you more later and I will give you an example of its code. Now, suppose one of those websites is a bank portal from which I was able to extract your cookies (because you have already logged in and given you a series of cookies) and use it to confirm my identity instead of you. And I can log into your account. More information about the samesite flag: It can have different values such as: samesite = Strict This feature shows that only those who have the same origin can access the cookie. Like two websites: x.site.com Y.site.com:443 These two have similar origins. samesite = none This feature allows cookie access in any origin to any other origin. samesite = Lax This feature is the same as the top feature, but there is one condition, that is, there must be a top level navigator feature on the primary website (in short, it means to enter the destination website by clicking on the primary website. Using the tag a in HTML) 6 - expire Specifies the cookie expiration time. Now how to set cookies for the website? For example, in PHP, the syntax is: setcookie(name, value, expire, path, domain, secure, httponly); Or in JavaScript, for example: document.cookie = "username=John Doe; expires=Thu, 18 Dec 2033 12:00:00 UTC; path=/";

Language: persian By tomnomnom Translate By @imexemi Main> https://t.me/GitBook_s/502

پکیج قانونی و رایگان ریجکس از سایت پارس کلیک http://dl.softsara.ir/learning/parsclick/regular_expression_learning.rar?802 1.3GB Pass : softsara.ir

Regex Quick Syntax Reference

Regex or Regular Expressions are very useful in Pentesting and Bugbunty; including finding specific patterns in data, extract
Regex or Regular Expressions are very useful in Pentesting and Bugbunty; including finding specific patterns in data, extracting sensitive information, and identifying vulnerability patterns. If you learn Regex correctly, you can scan and analyze more accurately. https://github.com/ziishaned/learn-regex/tree/master regular and simple tutorials https://regexone.com/ step by step exercises https://regexlearn.com/learn interactive and practical resources https://regex101.com https://regexr.com/ https://regexone.com/

Regex or Regular Expressions are very useful in Pentesting and Bugbunty; including finding specific patterns in data, extract
Regex or Regular Expressions are very useful in Pentesting and Bugbunty; including finding specific patterns in data, extracting sensitive information, and identifying vulnerability patterns. If you learn Regex correctly, you can scan and analyze more accurately. https://github.com/ziishaned/learn-regex/tree/master regular and simple tutorials https://regexone.com/ step by step exercises https://regexlearn.com/learn interactive and practical resources https://regex101.com https://regexr.com/ https://regexone.com/

Regex Quick Syntax Reference

Regex or Regular Expressions are very useful in Pentesting and Bugbunty; including finding specific patterns in data, extract
Regex or Regular Expressions are very useful in Pentesting and Bugbunty; including finding specific patterns in data, extracting sensitive information, and identifying vulnerability patterns. If you learn Regex correctly, you can scan and analyze more accurately. https://github.com/ziishaned/learn-regex/tree/master regular and simple tutorials https://regexone.com/ step by step exercises https://regexlearn.com/learn interactive and practical resources https://regex101.com https://regexr.com/ https://regexone.com/

[ Passive Recon: Subdomains] Key points of the report: 💬 What is DNS 💬 Difference between DNS and Vhost 💬 Working with passive DNS 💬 Popular dictionaries for searching 💬 Search utilities Language: Russian

Regex or Regular Expressions are very useful in Pentesting and Bugbunty; including finding specific patterns in data, extract
Regex or Regular Expressions are very useful in Pentesting and Bugbunty; including finding specific patterns in data, extracting sensitive information, and identifying vulnerability patterns. If you learn Regex correctly, you can scan and analyze more accurately. https://github.com/ziishaned/learn-regex/tree/master regular and simple tutorials https://regexone.com/ step by step exercises https://regexlearn.com/learn interactive and practical resources

Regex or Regular Expressions are very useful in Pentesting and Bugbunty; including finding specific patterns in data, extract
Regex or Regular Expressions are very useful in Pentesting and Bugbunty; including finding specific patterns in data, extracting sensitive information, and identifying vulnerability patterns. If you learn Regex correctly, you can scan and analyze more accurately. https://github.com/ziishaned/learn-regex/tree/master regular and simple tutorials https://regexone.com/ step by step exercises https://regexlearn.com/learn interactive and practical resources

Red-Teaming-TTPs Cloud TTPs ICS Linux Mac OSX TTPs Threat Intelligence TTPs Web Windows >Guides Link 🔗:- https://rosesecurity.gitbook.io/red-teaming-ttps @GitBook_s