Skip to content

Commit

Permalink
Updated
Browse files Browse the repository at this point in the history
  • Loading branch information
itspatkar committed Jul 18, 2024
1 parent cac408a commit 676a612
Show file tree
Hide file tree
Showing 3 changed files with 369 additions and 0 deletions.
9 changes: 9 additions & 0 deletions BAK/assets/script.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
var btn = document.querySelector(".button");

btn.addEventListener("click", function(){
if (document.body.getAttribute("data-theme") == "light"){
document.body.setAttribute("data-theme", "dark");
} else {
document.body.setAttribute("data-theme", "light");
}
});
139 changes: 139 additions & 0 deletions BAK/assets/style.css
Original file line number Diff line number Diff line change
@@ -0,0 +1,139 @@
/* Theme Toggle */
body[data-theme="light"] {
--bg-color: #fff;
--color: #000;
--link-color: #0d6efd;
--section-bg-color: #fbfbfc;
--section-border-color: #d7dce2;
--heading-underline-color: #ccc;
--code-box-bg-color: #f6f5f6;
--code-box-color: #e83e8c;
--code-box-color-ex: #ff395a;
--block-quote-bg-color: #e9ecef;
--block-quote-color: #212529;
--block-quote-border-color: #e9ecef;
--block-quote-border-left-color: #555a5e;
--bs-body-bg: #fff;
--bs-emphasis-color: #000;
--bs-border-color: #dee2e6;
}
body[data-theme="dark"] {
--bg-color: #080808;
--color: #fff;
--link-color: #1e88e5;
--section-bg-color: #0F1012;
--section-border-color: #ccc;
--heading-underline-color: #999;
--code-box-bg-color: #101010;
--code-box-color: #5fa8d3;
--code-box-color-ex: #42a5f5;
--block-quote-bg-color: #181818;
--block-quote-color: #999;
--block-quote-border-color: #5e5f60;
--block-quote-border-left-color: #caf0f8;
--bs-body-bg: #080808;
--bs-emphasis-color: #fff;
--bs-border-color: #606060;
}

body {
background-color: var(--bg-color);
color: var(--color);
}
a {
text-decoration: none;
color: var(--link-color);
}
.sections ol, .sections ul {
padding-left: 1.25rem;
}
.button {
position: sticky;
top: 0.5rem;
padding-right: 0.5rem;
font-size: 1.5rem;
}
.title {
padding: 1rem;
text-align: center;
}
.section-list {
font-size: 1rem;
}
.sections {
margin-bottom: 0.75rem;
padding: 0.95rem;
background-color: var(--section-bg-color);
border: 1px solid var(--section-border-color);
border-radius: 10px;
font-size: 0.975rem;
}
.heading {
padding-bottom: 5px;
border-bottom: 1.5px solid var(--heading-underline-color);
}
p {
margin-bottom: 0.4rem;
text-align: justify;
}
thead {
text-align: center;
}
.code-box {
margin-bottom: 10px;
padding: 6px;
border: 1px solid #7c8e9c;
border-radius: 5px;
line-height: 1.35;
background-color: var(--code-box-bg-color);
color: var(--code-box-color);
}
code {
color: var(--code-box-color);
}
.table code {
white-space: nowrap;
}
.code-box-color {
color: var(--code-box-color-ex);
}
.block-quote {
margin-bottom: 8px;
padding: 4px;
padding-left: 8px;
border: 1px solid var(--block-quote-border-color);
border-left: 3px solid var(--block-quote-border-left-color);
word-spacing: 4px;
background-color: var(--block-quote-bg-color);
color: var(--block-quote-color);
}
.img {
max-height: 100%;
max-width: 100%;
}
.justify {
text-align: justify;
}
nav {
position: sticky;
bottom: 0.5rem;
padding: 0 0.5rem;
font-size: 1.5rem;
}
nav a {
color: var(--color);
}

/* Responsiveness */
@media screen and (max-width: 575px) {
.container {
padding: 5px;
}
.section-list {
font-size: 0.95rem;
}
.sections {
padding: 12px 8px;
font-size: 0.85rem;
}
}
221 changes: 221 additions & 0 deletions BAK/cysec.html
Original file line number Diff line number Diff line change
@@ -0,0 +1,221 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">

<title>Cyber Security Cheatsheet</title>

<!-- Bootstrap CDN -->
<link href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-T3c6CoIi6uLrA9TneNEoa7RxnatzjcDSCmG1MXxSR1GAsXEV/Dwwykc2MPK8M2HN" crossorigin="anonymous">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/font/bootstrap-icons.min.css">

<!-- CSS -->
<link rel="stylesheet" href="assets/style.css">
</head>

<body data-theme="light">
<div class="container">
<!-- Theme Toggle -->
<div class="button float-end"><i class="bi bi-circle-half"></i></div>

<h3 class="title">Cyber Security</h3>

<div class="section-list">
<ul>
<li><a href="#terms">Terminologies</a></li>
<li><a href="#tools">Tools</a></li>
</ul>
</div>

<div class="sections" id="terms">
<h4 class="heading"># Terminologies</h4>
<div>
<ul class="justify">
<li>
<b>Offensive Security (Red Team) :</b><br>Attacking - Offensive security is the process of breaking into computer systems, exploiting vulnerabilities, and finding loopholes in applications to gain unauthorized access to them.
</li>
<li>
<b>Defensive Security (Blue Team) :</b><br>Defending/Preventing - Defensive security is the process of protecting an organization's network and computer systems by analyzing and securing any potential threats.
</li>
<li>
<b>Security Operations Center (SOC) :</b><br>The Security Operations Center (SOC) is a team of IT security professionals tasked with monitoring, preventing, detecting, investigating, and responding to threats within a company’s network and systems.
</li>
<li>
<b>OSINT :</b><br>Open-Source Intelligence (OSINT) is the act of gathering and analyzing publicly available data for intelligence purposes.
</li>
<li>
<b>Threat Intelligence :</b><br>Threat intelligence aims to gather information to help the company better prepare against potential adversaries.
</li>
<li>
<b>OWASP :</b><br>The Open Web Application Security Project is a nonprofit foundation focused on understanding web technologies and exploitations and provides resources and tools designed to improve the security of software applications.</li>
<li>
<b>IDOR :</b><br>Insecure direct object references (IDOR) are a type of access control vulnerability that arises when an application uses user-supplied input to access objects directly. Broken access control means that an attacker can access information or perform actions not intended for them.
</li>
<li>
<b>Firewall :</b><br>A security system that monitors and controlls incoming an outgoing network traffic.
</li>
<li>
<b>Virus :</b><br>Virus is a piece of code (part of a program) that attaches itself to a program. It is designed to spread from one computer to another; moreover, it works by altering, overwriting, and deleting files once it infects a computer. The result ranges from the computer becoming slow to unusable.
</li>
<li>
<b>Trojan Horse :</b>Trojan Horse is a program that shows one desirable function but hides a malicious function underneath. For example, a victim might download a video player from a shady website that gives the attacker complete control over their system.<br>
</li>
<li>
<b>Ransomware :</b>Ransomware is a malicious program that encrypts the user’s files. Encryption makes the files unreadable without knowing the encryption password. The attacker offers the user the encryption password if the user is willing to pay a “ransom.”<br>
</li>
<li>
<b>HTML Injection :</b>HTML Injection is a vulnerability that occurs when unfiltered user input is displayed on the page. If a website fails to sanitise user input (filter any "malicious" text that a user inputs into a website), and that input is used on the page, an attacker can inject HTML code into a vulnerable website.<br>
</li>
<li>
<b>SQLi (Structured Query Language Injection) :</b>SQLi is an attack on a web application database server that causes malicious queries to be executed. When a web application communicates with a database using input from a user that hasn't been properly validated, there runs the potential of an attacker being able to steal, delete or alter private and customer data and also attack the web application authentication methods to private or customer areas. - If web server of dbms throws sql error directly then it has sql injection vulnerability.<br>
</li>
<li>
<b>Proxy :</b>Proxy server is a system or router that provides a gateway between users and the internet. Therefore, it helps prevent cyber attackers from entering a private network. It is a server, referred to as an “intermediary” because it goes between end-users and the web pages they visit online.<br>
</li>
<li>
<b>Web Socket :</b><br>
</li>
<li>
<b>SSL/TLS :</b><br>Establishes a secure connection over public network, enabling secure remove access.
</li>
<li>
<b>VPN :</b><br>
</li>
<li>
<b>TOR (The Onion Router) :</b><br>TOR Network and Browser.
</li>
<li>
<b>Proxychains :</b><br>
</li>
</ul>
</div>
</div>

<div class="sections" id="terms">
<h4 class="tools"># Tools</h4>
<div>
<ul class="justify">
<li>
<b>gobuster :</b> Gobuster is a tool used in penetration testing and cybersecurity assessments. It's primarily designed for discovering web content, directories, and files on web servers.
</li>
<li>
<b>pdfinfo :</b> Portable Document Format (PDF) document information extractor (poppler-utils)
</li>
<li>
<b>exiftool :</b> ExifTool is used to read and write metadata in various file types, such as JPEG images.
</li>
<li>
<b>sqlmap :</b> SQLMap is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection vulnerabilities in web applications.
</li>
<li>
<b>crunch :</b> Crunch command generates wordlists based on specified character sets, minimum and maximum lengths, and specific patterns. These wordlists can be used for dictionary attacks.
</li>
<li>
<b>jSQL :</b>
</li>
<li>
<b>Burp Suite :</b> Burp Suite is a Java-based framework designed to serve as a comprehensive solution for conducting web application penetration testing. Burp Suite captures and enables manipulation of all the HTTP/HTTPS traffic between a browser and a web server. This fundamental capability forms the backbone of the framework. The ability to intercept, view, and modify web requests before they reach the target server or even manipulate responses before they are received by our browser makes Burp Suite an invaluable tool for manual web application testing. It includes various tools for scanning, fuzzing, intercepting, and analyzing web traffic.
</li>
</ul>
</div>
</div>

<!-- Navigation Buttons -->
<nav>
<a href="https://itspatkar.github.io/Cheatsheets/"><i class="bi bi-arrow-left-square-fill"></i></a>
<a href="#" class="float-end"><i class="bi bi-arrow-up-square-fill"></i></a>
</nav>
</div>

<!-- JavaScript -->
<script src="assets/script.js"></script>
</body>
</html>


Ethernet

A family of protocols that specify how devices on the same network segment format and transmit data.

A standard way to connect devices in a wired network using cables and hubs.

Ethernet

A family of protocols that specify how devices on the same network segment format and transmit data.

https://www.codelivly.com/the-ultimate-networking-cheatsheet/

-----------------------------

SSL/TLS


----------------------

Firewall

Firewall Type Description
Network Firewall Protects an entire network from unauthorized access and attacks
Host-based Firewall Protects an individual computer from unauthorized access and attacks

Firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

Network Firewall is a firewall that protects an entire network from unauthorized access and attacks. Network firewalls can be hardware or software-based and are typically installed at the perimeter of a network to block unauthorized access from the internet.

Host-based Firewall is a firewall that protects an individual computer from unauthorized access and attacks. Host-based firewalls are typically software-based and are installed on individual computers to control access to network resources and block unauthorized traffic.

Firewalls use a variety of techniques to control and monitor network traffic, including packet filtering, stateful inspection, and application-level filtering. By blocking unauthorized access and filtering out malicious traffic, firewalls help to protect networks and the data transmitted over them from security threats.

------------------------

VPN
VPN Type Description
Site-to-Site VPN Connects two or more networks together over the internet
Remote Access VPN Allows remote users to securely access a private network over the internet

VPN, or Virtual Private Network, is a technique used to create a secure and encrypted connection over the internet between two or more devices or networks.

Site-to-Site VPN connects two or more networks together over the internet, allowing devices on each network to communicate securely with devices on the other network(s). This is commonly used by businesses with multiple locations or by organizations that need to securely connect with partner networks.

Remote Access VPN allows remote users to securely access a private network over the internet. This is commonly used by employees who need to access company resources from a remote location, such as from home or while traveling. Remote access VPN can be configured to require user authentication and can be set up to provide access to specific network resources.

VPNs use encryption and tunneling protocols to ensure that data transmitted over the internet is secure and protected from unauthorized access. VPNs are commonly used in businesses and organizations to improve network security and enable remote access to network resources.


----------------

NAT
NAT Type Description
Static NAT Maps a public IP address to a single private IP address
Dynamic NAT Maps a public IP address to a pool of private IP addresses
PAT (Port Address Translation) Maps a public IP address and port to a private IP address and port

NAT, or Network Address Translation, is a technique used to allow multiple devices on a private network to share a single public IP address.

Static NAT maps a single public IP address to a specific private IP address, while dynamic NAT maps a public IP address to a pool of private IP addresses. This allows multiple devices on a private network to share a single public IP address, as each device is assigned a unique private IP address from the pool.

PAT, or Port Address Translation, is a form of NAT that maps a public IP address and port to a private IP address and port. This allows multiple devices on a private network to share a single public IP address, with each device being assigned a unique port number.

NAT is commonly used in small to medium-sized networks to allow devices on a private network to access the internet using a single public IP address.


----------------

DNS
Record Type Description
A Maps a hostname to an IPv4 address
AAAA Maps a hostname to an IPv6 address
CNAME Maps an alias hostname to the canonical hostname
MX Specifies the mail exchange server(s) for a domain
TXT Stores arbitrary text data associated with a hostname
NS Specifies the name server(s) for a domain

DNS, or Domain Name System, is a hierarchical naming system used to translate human-readable domain names into IP addresses that machines can understand.

DNS uses various types of resource records, or DNS records, to store information about domain names and their associated IP addresses. The A record maps a hostname to an IPv4 address, while the AAAA record maps a hostname to an IPv6 address. The CNAME record maps an alias hostname to the canonical hostname.

The MX record specifies the mail exchange server(s) for a domain, while the TXT record stores arbitrary text data associated with a hostname. The NS record specifies the name server(s) for a domain.

DNS is a critical component of the internet infrastructure, and it is used for a wide range of applications, including web browsing, email, and online gaming.

0 comments on commit 676a612

Please sign in to comment.