Tobi


What are Passwords, and why Does a Password Policy Matter in 2025

The Password Problem

Passwords remain one of the most fundamental elements of online security in 2025. They’re still the first line of defence for everything from your email to your cloud storage, banking apps, and even your smart home devices. Despite advances in biometrics and passkeys, most people continue to rely on passwords in some form, which makes the way we create and manage them more important than ever.

But here’s the catch: in our always-online world, it’s easy to fall into bad habits. Using the same password for multiple accounts, choosing something simple like your pet’s name, or writing passwords down on paper might save you a few seconds. But these shortcuts could cost you your identity, your data, or worse, your money.

That’s where a password policy comes in. Whether you’re an individual trying to stay safe online or managing a small business, setting up a sensible, consistent password policy in 2025 is no longer optional; it’s essential.

How Often Do We Really Use Passwords?

Let’s put this into perspective. The average internet user today juggles around 100–150 digital accounts. That figure has steadily increased since 2023, thanks to the continued rise of cloud services, streaming platforms, online shopping, and work-from-home tools.

Think about it: your social media accounts, your email inbox, your crypto wallet, your utility accounts, university portals, team collaboration tools, even your online food delivery app, all require passwords. And often, they store sensitive information that hackers would love to get their hands on.

So it’s no longer a question of “Do I need strong passwords?” but “How can I keep all these accounts secure without going crazy trying to remember them?” The answer lies in adopting a strong password policy.

So, What Is a Password Policy?

A password policy is a set of rules that helps you create, store, and manage passwords securely. Think of it as your own blueprint for staying safe online, like brushing your teeth, but for your digital life. A good password policy typically covers:

In 2025, many organisations are moving towards “zero trust” security models. For everyday users, that just means we should never assume any account is too minor to be hacked, and every layer of protection matters.

Why Should You Have a Password Policy (Even if You’re Not a Tech Expert)?

Creating a personal password policy might sound like overkill, but here’s why it’s worth it:

1. It Protects Your Identity and Data

We’re more exposed now than ever. Data breaches are still common, and leaked passwords from 2022 or 2023 are still floating around the dark web. If you’re reusing passwords or using weak ones, you’re a prime target for credential stuffing attacks, where hackers try the same login on multiple sites until something works. A unique, strong password for every account drastically reduces your chances of being hacked.

2. It Makes Managing Accounts Easier

Ironically, having lots of strong, complex passwords is easier if you’re organised. Instead of stressing about remembering passwords, your policy can include using a password manager (more on that in a bit), so everything’s stored safely and automatically filled in when you need it.

3. It Keeps Your Finances Safe

Online banking, stock trading, crypto wallets, and shopping apps all require strong protection. If someone cracks your password and gains access to any of these, it could result in financial loss or even identity theft. A strong password policy acts like digital insurance.

4. It Safeguards Your Reputation

It’s not just about money. If someone takes over your social media or email, they could impersonate you, harass your contacts, or even leak private conversations. This can damage relationships, careers, and your sense of safety. A password policy helps you avoid that chaos.

How to Create a Password Policy That Works for You in 2025

The best way to start is by using a password manager.

What’s a Password Manager?

A password manager is an app or browser extension that generates, stores, and autofills strong passwords across your devices. You only need to remember one master password; the manager does the rest. In 2025, password managers are more user-friendly than ever and widely trusted. Here are some popular free options to get you started:

1. Bitwarden

Bitwarden is open-source, privacy-focused, and offers a generous free plan. It includes password generation, storage, autofill, and even sharing features for families or teams.

2. KeePass

A long-time favourite among tech-savvy users, KeePass is free and open-source. It doesn’t store your passwords in the cloud by default, which some people prefer for offline security. It does require a bit more manual setup, though.

3. Zoho Vault

Perfect for both individuals and small businesses. Zoho Vault offers a clean interface, good encryption, and integrations with other Zoho tools. The free version supports a decent range of features.

4. LastPass (Free Tier)

While LastPass faced some trust issues due to a breach in 2022, many still use it thanks to its convenience and recovery features. Their free version allows password saving and one-device access.

Pro Tip: Choose a password manager that works across all your devices and browsers. Make sure it encrypts data end-to-end and allows 2FA for access to your vault.

A Quick Word on Master Passwords

Your master password is the key to your entire digital vault. Make it long, random, and unique (something like “GiraffeBatterySunset!2025**”), and never reuse it anywhere else. Don’t store it in a text file or email it to yourself. If your password manager offers biometric login or backup options like recovery keys, use them.

What About Two-Factor Authentication (2FA)?

If you’re serious about security, 2FA should be a non-negotiable part of your password policy in 2025.

What Is 2FA?

Two-factor authentication means logging in with something you know (like a password) and something you have (like a code sent to your phone or generated by an app). That way, even if someone gets your password, they still can’t get into your account unless they also have your device



Understanding Union-Based SQL Injection

Union-based SQL Injection is a type of SQL injection attack that exploits the “UNION” operator in SQL to retrieve data from two or more tables in a database. This type of attack is often used to extract sensitive data from a database, such as usernames, passwords, and credit card numbers. Just like the everyday word “union”, think of it as the coming together of two or more things.

To understand how a Union-based SQL injection works, it is important to first understand the “UNION” operator in SQL. The UNION operator is used to combine the results of two or more SELECT statements into a single result set. The SELECT statements used in a UNION must have the same number of columns, with the corresponding columns in each SELECT statement having the same data type.

I will give you a real-life scenario to better understand what I have just described. Imagine that you have two toy boxes, one with red toys and one with blue toys. You want to put all the toys together in one big box. You can do this by using the “UNION” operator, which is like a magic tool that can help you combine the toys from both boxes into one big box.

However, to use the “UNION” operator, you need to make sure that the toys in each box are organized in the same way. For example, if you have three red balls in one box, you need to make sure that the other box also has three blue balls, because the “UNION” operator requires that the boxes have the same number of toys and the same type of toys.

Now let’s say that you want to find all the toys that are round in shape. You can use a “SELECT” statement to look for all the round toys in the red toy box, and another “SELECT” statement to look for all the round toys in the blue toy box. Then, you can use the “UNION” operator to combine the results of both “SELECT” statements into one big list of round toys.

In the same way, a Union-based SQL injection attack uses the “UNION” operator to combine the results of two or more SQL statements into one big result set. The attacker injects a malicious SQL statement that includes a “UNION” statement and a “SELECT” statement that retrieves data from a different table in the database. To make the attack work, the attacker must ensure that the columns in the original SQL statement match the columns in the attacker’s “SELECT” statement.

Just like in the toy box example, the attacker needs to make sure that the data in both tables is organized in the same way, with the same number of columns and the same type of data. If the attacker can successfully inject the malicious SQL statement and retrieve sensitive data from the database, they can use that information to do bad things, like steal your personal information or take control of your accounts.

In a Union-based SQL injection attack, the attacker attempts to inject a malicious SQL statement into the original query, with the goal of retrieving additional data from a different table in the database. The injection typically involves appending a UNION statement to the end of the original query, followed by a SELECT statement that retrieves data from the attacker’s chosen table. The SELECT statement is carefully crafted by the attacker to ensure that the columns in the original query match those in the attacker’s SELECT statement.

Here’s an example of a Union-based SQL injection attack. Let’s assume that there is a vulnerable website that has a search form that takes users’ input and queries a database. The search query might look something like this:

SELECT * FROM products WHERE name = 'input';

The query above might look quite confusing, but again, I will break it down. Imagine that you are playing with a big box of toys, and you want to find a specific toy in the box. You can ask someone to help you by saying, “Can you please find the toy that is called ‘input’ and give it to me?”

In the same way, when you use the SQL statement SELECT * FROM products WHERE name = 'input', you are asking the computer to find a specific record in a table of information (which is like a big box of data). The table is called “products”, and you want to find the record that has a name that matches the word “input”. The “*” in the statement means “everything”, so you are asking the computer to give you all the information about that specific record, not just the name.

Overall, this SQL statement is like a special instruction that you can give to a computer to help you find specific information that you need, just like you would ask someone to find a specific toy in a big box.

With the query above, just assume you’re on eBay, you are in the fashion section, and you search for “scarf”. The SQL statement used by eBay’s website to query its database might look something like this:

SELECT * FROM Products WHERE name = 'scarf';

In this statement, “Products” is the name of the table that contains information about all the products on eBay’s website, and “name” is the name of the column in that table that contains the names of the products. The statement is telling the database to look for all the products in the “Products” table where the name of the product is exactly equal to the search term “scarf”. The website then displays the search results to you based on the information returned by the database. This is just one example of how websites use SQL statements to retrieve and display data from a database based on user input.

An attacker can exploit this vulnerability by injecting a Union statement that retrieves data from
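The search query from this post, built two ways, as an added example that is not part of the original post: one function pastes the search term straight into the SQL string (the vulnerable pattern described above), the other passes it as a bound parameter. The in-memory SQLite database, the `products` and `users` tables, the rows in them and the function names are all constructed here for illustration.

```python
"""Added example: the post's search query, vulnerable form beside the fixed form.

Assumptions (not from the original post): an in-memory SQLite database with a
constructed `products` table (3 columns) and a constructed `users` table that the
search page was never meant to expose; `search_vulnerable` and `search_safe` are
illustrative names chosen here.
"""
import sqlite3


def build_db() -> sqlite3.Connection:
    """Create a throwaway in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE products (id INTEGER, name TEXT, price REAL);
        INSERT INTO products VALUES (1, 'scarf', 9.99), (2, 'hat', 14.50);
        -- A second table with the same number of columns as products.
        CREATE TABLE users (id INTEGER, username TEXT, password_hash TEXT);
        INSERT INTO users VALUES (1, 'alice', 'hash-placeholder-1'),
                                 (2, 'bob',   'hash-placeholder-2');
        """
    )
    return conn


def search_vulnerable(conn: sqlite3.Connection, term: str) -> list:
    """The pattern the post describes: the user's input is pasted into the SQL text.

    A quote in the input closes the string literal, so the remainder of the input
    is parsed as SQL. A UNION whose SELECT has the same column count as
    `SELECT * FROM products` (3 here) appends rows from another table.
    """
    query = f"SELECT * FROM products WHERE name = '{term}'"
    return conn.execute(query).fetchall()


def search_safe(conn: sqlite3.Connection, term: str) -> list:
    """Parameterised form: the input is bound as a value and never parsed as SQL.

    The same input is compared literally against the name column, so quotes or a
    UNION keyword inside it cannot change the shape of the query.
    """
    query = "SELECT * FROM products WHERE name = ?"
    return conn.execute(query, (term,)).fetchall()


def demo() -> dict:
    """Run both lookups with a normal term and with a constructed UNION input."""
    conn = build_db()
    normal = "scarf"
    # Constructed input of the kind the post describes: it closes the literal,
    # unions a 3-column SELECT on the other table, and ends by re-opening a
    # literal so the query's trailing quote still parses.
    union_input = "' UNION SELECT id, username, password_hash FROM users WHERE username <> '"
    result = {
        "vulnerable_normal": search_vulnerable(conn, normal),
        "vulnerable_union": search_vulnerable(conn, union_input),
        "safe_normal": search_safe(conn, normal),
        "safe_union": search_safe(conn, union_input),
    }
    conn.close()
    return result


if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label}: {rows}")
```

Against the vulnerable function the constructed input returns the two `users` rows alongside (an empty) product match; against the parameterised function the same input simply matches no product name.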



SQL Injection: Understanding the Threat and Implementing Secure Measures

SQL Injection (SQLI) is a type of security vulnerability that affects database-driven websites and applications (websites or applications that keep most of their content in a database). This vulnerability is caused by improper input validation and manipulation of database query commands. In simple terms, SQL Injection allows an attacker to insert malicious code into a database query, which can result in unauthorized access to sensitive information, manipulation of data, and even complete system compromise.

What are some examples of database-driven websites?

Some notable examples of database-driven websites are:

- E-commerce websites: Online shopping websites, such as Amazon, H&M, and eBay. They are database-driven because they store customer information, product information, and transaction data in databases.
- Social media websites: Social media platforms, such as Facebook and Twitter, store user profiles, posts, and other information in databases.
- Banking and financial websites: Banking and financial websites, such as MoneyGram and PayPal, store sensitive customer information, such as account numbers, login credentials, and financial transactions, in databases.
- Healthcare websites: Healthcare websites, such as the NHS, store patient information, medical records, and other sensitive data in databases.
- Government websites: Many government websites, such as HMRC, store sensitive information such as tax returns and National Insurance numbers in databases.

These are just a few examples of the types of websites that use databases to store and manage information.

How does SQL Injection work?

SQL Injection attacks are one of the most common security threats on the internet and are widely used by attackers to gain access to sensitive information, such as credit card numbers, login credentials, and personal data. Unfortunately, many organizations and businesses are not aware of the severity of this issue, and they often neglect to implement the necessary security measures to protect against SQL Injection attacks.

In this blog post, I will discuss what SQL injection is, the consequences of an SQL Injection attack, and the steps organizations and individuals can take to protect against and detect these types of attacks. I will also touch upon the importance of keeping software and systems up to date in order to minimize the risk of falling victim to an SQL Injection attack.

What could happen when there is a successful SQL Injection attack?

A successful SQL Injection (SQLI) attack can have severe consequences for both organizations and individuals. Here are a few of the most significant impacts:

- Confidential data exposure: SQL Injection attacks can allow attackers to access and steal sensitive information such as credit card numbers, login credentials, personal data, and confidential business information.
- Data manipulation: Attackers can use SQL Injection to manipulate data stored in a database, leading to incorrect or false information being displayed to users, or even corrupting or destroying important data.
- System compromise: In severe cases, a successful SQL Injection attack can compromise the entire system, allowing the attacker to gain full control over the affected website or application.
- Financial losses: The costs associated with an SQL Injection attack can be substantial, including the cost of repairing the affected systems, investigating the attack, and potential lawsuits or fines if sensitive information is stolen.
- Reputation damage: A successful SQL Injection attack can severely damage the reputation of a business or organization, causing customers to lose trust and potentially resulting in long-term financial losses.

These consequences demonstrate the critical nature of protecting against SQL Injection attacks and the importance of taking proactive measures to minimize the risk of falling victim to an attack.

SQL Injection attacks don’t come via a one-way street. There are quite a few variants, and by the time you’re reading this, there’s a big chance there is a new type of SQL Injection attack. Listed below are some examples of SQL Injection attacks:

- Union-based SQL Injection, which can have the subtypes in-band and out-of-band SQL Injection, and could also take the form of stacked-queries SQL Injection
- Tautology-based SQL Injection
- Blind SQL Injection, which has the subtypes time-based and boolean-based SQL Injection
- Error-based SQL Injection
- Stored procedure SQL Injection
- Second-order SQL Injection

There’s quite a lot of it, and in the coming weeks there’s going to be a detailed explanation of every single one of the attacks listed above.

What brands or organisations have been victims of SQL Injection attacks?

Listed below are popular brands and organizations that have been victims of SQL Injection attacks. It’s worth noting that many organizations that have suffered from SQL Injection (SQLI) attacks do not publicly disclose the attack or the extent of the damage. However, here’s a list of some organizations that have been known to have suffered from SQL Injection attacks:

- Target: In 2013, the retailer suffered a major data breach as a result of an SQL Injection attack that resulted in the theft of 40 million credit and debit card numbers.
- Yahoo!: In 2013, the internet giant announced that it had suffered a data breach as a result of an SQL Injection attack that compromised the personal information of three billion users.
- JPMorgan Chase: In 2014, the financial institution announced that it had suffered a data breach as a result of an SQL Injection attack that compromised the personal information of 76 million households and 7 million small businesses.
- Home Depot: In 2014, the retailer announced that it had suffered a data breach as a result of an SQL Injection attack that compromised the payment information of 40 million customers.
- Sony Pictures: In 2014, the entertainment company suffered a major data breach as a result of an SQL Injection attack that resulted in the theft of sensitive corporate and employee information.
- Equifax: In 2017, the credit reporting agency announced that it had suffered a data breach as a result of an SQL Injection attack that compromised the personal information of 147 million consumers.
- Marriott International: In 2018, the hotel giant announced that it had suffered a data breach as a result of an SQL Injection attack that compromised the personal information of 500 million guests.
- Capital One: In 2019, the financial institution announced that it



System Updates Explained and Why They’re Important.

Software updates are important for a variety of reasons. They can improve the performance of a device or program, fix security vulnerabilities, and add new features. In this post, I’ll explain what software updates are, why they’re important, and how to install them.

What are software updates?

Software updates can be seen as small patches of code that are released by the developer of a device or a program to improve its functionality. These updates can be for the operating system of a computer or phone, for a specific app, or for the firmware on a device like a router or a printer.

Why are software updates important?

Software updates are important because they can fix problems with a program or device. For example, if a piece of software has a security vulnerability that could allow hackers to access your device, an update can fix that vulnerability and protect your device. Software updates can also improve the performance of a program or device. They may fix bugs or glitches that were causing problems, or they may add new features that make the program or device more useful.

Keeping your device software up to date is important for a number of reasons. Here are five key benefits of keeping your device software up to date:

- Security: One of the most important reasons to keep your device software up to date is to protect yourself from security vulnerabilities. As software developers identify and fix security vulnerabilities in their products, they release updates that patch these vulnerabilities and protect your device from potential attacks. By installing these updates, you can help prevent cybercriminals from exploiting vulnerabilities in your software and stealing your personal information.
- Performance: Keeping your device software up to date can also help improve its performance. As developers release updates, they often include performance enhancements and bug fixes that can make your device run more smoothly and efficiently. This can be especially important for devices with limited resources, such as smartphones and tablets, which can slow down over time if they are not properly maintained.
- Compatibility: Another benefit of keeping your device software up to date is that it can help ensure that your device is compatible with new technologies and services. For example, if you have an older device that is not running the latest version of an operating system, you may not be able to use certain apps or services that require the latest version. By keeping your device software up to date, you can access the full range of features and services available to you.
- New features: One of the most obvious reasons to keep your device software up to date is to get access to new features and improvements. Many software updates include new features or improvements to existing features, which can make your device more useful and enjoyable to use. For example, a new update for a smartphone might include improved battery life, a more powerful camera, or a new user interface.
- Support: Finally, keeping your device software up to date can also help ensure that you have access to support from the manufacturer or developer. If you have an older version of a product that is no longer supported, you may not be able to get help if you encounter a problem or have a question. By keeping your device software up to date, you can ensure that you have access to the latest support resources and assistance.

Overall, there are many good reasons to keep your device software up to date. By doing so, you can protect yourself from security vulnerabilities, improve the performance of your device, ensure compatibility with new technologies and services, get access to new features and improvements, and have access to support when you need it. It may take a little extra effort to keep your software up to date, but the benefits are well worth it.

How to install software updates

The process for installing software updates will depend on the device or program that you’re using. Here are a few general steps that you can follow:

1. Check for updates: Most devices and programs will have a built-in mechanism for checking for updates. On a computer, you may see a notification in the system tray or be prompted to check for updates when you launch the program. On a phone or tablet, you may see a notification in the status bar or be prompted to check for updates when you open the app store.
2. Download the update: If an update is available, you’ll need to download it to your device. This may take a few minutes, depending on the size of the update and the speed of your internet connection.
3. Install the update: Once the update has been downloaded, you’ll need to install it. On a computer, you may see a notification or be prompted to restart your device. On a phone or tablet, you may need to tap a button to begin the installation process.

It’s important to note that some updates may require you to restart your device in order to complete the installation process. Be sure to save any work that you’re in the middle of before installing an update, as you may lose any unsaved progress.

In conclusion, software updates are important because they keep your device or program up to date with the latest technology, and they also improve the performance and security of a program or of your device. By keeping your software up to date, you can ensure that you’re getting the best possible experience from the devices you own and the programs you use.

I hope you enjoyed reading my blog post! If you found the content useful or informative, I would really appreciate it if you could take a moment to leave a comment and share the post with your friends and colleagues. Your feedback and support help me to continue creating valuable content for you readers. Thank you for considering it, and I look forward to reading your


What is Virtualisation, virtual machine, and hypervisor?

Virtualization is the process of creating a virtual version of a computing resource, such as a server, an operating system, or a storage device. It involves using software to emulate the functionality of these resources, allowing multiple virtual versions to run on a single physical device.

Virtualization has become increasingly popular in recent years, as it allows businesses to utilize their resources more efficiently and reduce costs. For example, rather than purchasing and maintaining multiple physical servers, a company can use virtualization to create virtual servers on a single physical device. This can save money on hardware, power, and maintenance costs. Virtualization can also be used to create virtual environments for testing and development purposes. This allows developers to test new software or configurations without affecting the live production environment.

There are several different types of virtualization, including:

- Server virtualization: This involves creating virtual versions of servers, which can be used to host applications and services.
- Desktop virtualization: This involves creating virtual versions of desktop environments, allowing users to access their desktops from any device.
- Network virtualization: This involves creating virtual versions of network resources, such as switches and routers.
- Storage virtualization: This involves creating virtual versions of storage devices, allowing multiple virtual devices to share a single physical device.

Overall, virtualization can provide numerous benefits to businesses, including cost savings, improved resource utilization, and increased flexibility. It has become an essential tool for many organizations, and its use is likely to continue growing in the future.

What is a virtual machine?

A virtual machine (VM) is a software-based emulation of a computer system. It allows a single physical device, such as a server or desktop computer, to host multiple virtual environments, each with its own operating system and applications.

Virtual machines are often used in situations where it is necessary to run multiple operating systems or applications on a single device. For example, a developer may use a virtual machine to test software on multiple operating systems without the need for multiple physical devices.

There are several benefits to using virtual machines. One of the main advantages is the ability to run multiple operating systems on a single device. This can be useful for testing and development purposes, as it allows users to easily switch between different environments. Virtual machines also offer improved security and isolation. Since each virtual machine operates independently, the failure of one VM does not affect the others. This can be particularly useful in business environments, where multiple virtual machines can be used to host different applications or services. In addition, virtual machines can be easily created, configured, and deleted, making them a flexible and cost-effective solution for businesses. They can also be easily migrated to other physical devices, allowing businesses to scale their computing resources as needed.

There are many notable examples of virtual machine software, including:

- VMware: This is a popular virtual machine software that is widely used in enterprise environments. It supports a variety of operating systems and allows users to easily create and manage virtual machines.
- VirtualBox: This is a free and open-source virtual machine software that is popular among developers and IT professionals. It supports a wide range of operating systems and allows users to easily create and manage virtual machines.
- Hyper-V: This is a virtual machine software that is included with the Windows operating system. It allows users to create and manage virtual machines and supports a variety of operating systems.
- KVM: This is an open-source virtual machine software that is commonly used on Linux systems. It allows users to create and manage virtual machines and supports a variety of operating systems.
- Xen: This is an open-source virtual machine software that is commonly used on Linux systems. It allows users to create and manage virtual machines and supports a variety of operating systems.

These are just a few examples of virtual machine software. There are many other options available, each with its own unique features and capabilities. Overall, virtual machines are a powerful tool that can be used in a variety of settings to improve efficiency, security, and flexibility. They have become an essential part of many businesses and organizations, and their use is likely to continue growing in the future.

To the final bit: what is a hypervisor?

A hypervisor, also known as a virtual machine manager (VMM), is a piece of software that allows multiple operating systems to run on a single physical device. It creates and manages virtual machines, each of which can run its own operating system and applications. Hypervisors are often used in situations where it is necessary to run multiple operating systems on a single device. For example, a developer may use a hypervisor to test software on multiple operating systems without the need for multiple physical devices.

There are two main types of hypervisors: Type 1 and Type 2.

Type 1 hypervisors, also known as native or bare-metal hypervisors, run directly on the host’s hardware and manage the virtual machines. These hypervisors are often used in enterprise environments, as they offer improved performance and security. Examples of Type 1 hypervisors include VMware ESXi and Microsoft Hyper-V.

Type 2 hypervisors, also known as hosted hypervisors, run on top of a host operating system and manage the virtual machines. These hypervisors are often easier to install and use, but may not offer the same performance and security as Type 1 hypervisors. Examples of Type 2 hypervisors include VMware Workstation and Oracle VirtualBox.

Hypervisors are useful for a variety of purposes, including testing and development, consolidation of servers, and running multiple applications on a single device. They have become an essential tool for many businesses and organizations, and their use is likely to continue growing in the future. I’m sure a hypervisor and a virtual machine might look like they are the same, but they are quite different.

What are the differences between virtual machines and hypervisors?

A virtual machine (VM) is a software-based emulation of a computer system,


Kali Linux Explained

Kali Linux is something you must have heard before and you might also have been told how important and useful it is for professionals in cybersecurity and [penetration testing. This post is aimed at helping you have a good overview of Kali Linux and how to even have it on your personal computer. Kali Linux is a free and open-source operating system designed for digital forensics and penetration testing. It is based on the Debian Linux distribution and is developed and maintained by Offensive Security.  Kali Linux includes a wide range of tools and utilities for tasks such as network security assessments, vulnerability scanning, and penetration testing. It also includes a custom desktop environment and a large repository of pre-installed software.  Kali Linux is primarily used by cybersecurity professionals and researchers, but it can also be used by individuals who want to learn more about cybersecurity and network security.  It is important to note that Kali Linux is a powerful operating system with a wide range of tools and utilities that can be used for both legal and illegal purposes. It is important to use Kali Linux responsibly and only for lawful purposes.  And I know I did talk about terms that are probably unfamiliar like Open-source and Debian-based. The term open source is a term you would be hearing a lot about once you’re journeying into cyber-security. Consider Open-Source as a piece of software where the source code is made freely available. In a much clearer form, some software can just be installed or downloaded and all you get is working software but with open-source software, you get the software, the full source code and that’s whatever makes up the software and you’re able to modify it however pleases you.Debian-based means that Linux is based on Debian and Debian should just be seen as a Linux distribution that is composed of open-source software. 
Now that that is all clarified, I'm sure you want to know more about Kali Linux and understand why it is so desirable when learning about cybersecurity and penetration testing. There are a lot of operating systems out there, and the widely used ones on personal computers are Windows and macOS, but these are not well suited to hands-on cybersecurity and penetration testing. Kali Linux, on the other hand, is an OS built and customised for penetration testing. The big deal about Kali Linux comes down to the following:

- It is completely free of charge to use, and Kali has promised that it will always be completely free.
- It is completely customisable, and you can customise it however you like.
- It has hundreds of tools to help with learning cybersecurity and penetration testing.
- It has multi-language support, which means you can operate it in your native language.
- It is open source, and you are free to tweak the source code that goes into Kali Linux.

The interesting thing about Kali Linux is that you have to understand the tools in it and how to use them, and you also need to understand Kali Linux itself, because, as the saying goes, "You need to learn how to walk before you can be bothered about how to run." To get things started with Kali Linux, the video below should give you an overview of how to install Kali Linux on your PC. Be kind enough to subscribe to the channel and turn on post notifications, as there are tonnes more videos to come on things related to Kali Linux.



Vulnerability Scanning with Nessus

Scanning, in a cybersecurity context, can be regarded as the means of identifying or detecting the live hosts, services, ports, and architecture of a system that is to be targeted. Architecture in a cybersecurity context is basically what the system is made up of or built around; this includes, but is not limited to, the operating system and the services it is running, etc. I briefly touched on why scanning should be done exhaustively earlier on, and the reason is that whatever gets picked up during a scan is what will be researched in order to perform exploitation. Scanning is quite a wide topic, and there are a lot of ways to get it done; as with reconnaissance or information gathering, try not to settle for only one method or tool. The main reason I say scanning should be done exhaustively will be explained in detail later on; for now, scan exhaustively so that as much information as possible can be noted down. Scanning is also ideal for finding vulnerabilities and threats within a network. There is a common confusion between vulnerability and threat in cybersecurity, which I will clarify shortly.

Nessus is one of the vulnerability scanners out there, and I remember, a couple of years back when I was first introduced to this amazing tool, being shocked at how powerful it was. Before I dive deep into Nessus, I believe I should clear up a misconception about the difference between vulnerability, risk, and threat. When it comes to cybersecurity and penetration testing, most people think they are the same thing, but I'm happy to let you know there is a difference, and I will give you the technical difference as well as a real-life scenario showing why they differ.
A vulnerability can simply be seen as a weakness in an asset, and the asset could be hardware, software, a web server, a website, a procedure, etc. Just see a vulnerability as the loophole a hacker needs in order to hack a system. A threat, on the other hand, is something that capitalises on a vulnerability and is capable of damaging or destroying an asset, while risk is the possibility of an asset being damaged or destroyed. Now let us look at a real-life scenario that illustrates this. Suppose you have a warehouse where you are storing some valuable belongings of yours, and the door to this warehouse is a very old door that can be brought down by a single kick. The door being very old is the VULNERABILITY in this instance, the possibility of you losing your belongings is the RISK, and the THREAT in this instance would originate from this old door in your warehouse. They might look like the same thing, but you need to understand that there would be no threat in the absence of a vulnerability.

Diving right back into Nessus: it is a vulnerability assessment tool by Tenable. It is quite beginner-friendly, as it is a graphical user interface (GUI) tool. Nessus' capabilities are extensive, because it is capable of performing:

- Network scans
- Host discovery
- Mobile device scans
- Malware scans
- Web application vulnerability scans

and a whole bunch of other things. According to Tenable, Nessus is #1 in accuracy and coverage. Furthermore, it should be noted that this is a subscription-based service, and payment needs to be made to Tenable to access the tool. However, there is still a free version that can be used to explore without having to pay any fee. Finally, the video below dives into how to get started with Nessus, how to install it on your computer, and finally showcases Nessus in action.



Email address gathering

In the context of penetration testing, email address gathering refers to the process of collecting email addresses for the purpose of conducting a security assessment. This can involve collecting email addresses from various sources, such as the organization's website, social media accounts, and public databases. Email address gathering is quite important in penetration testing for a variety of reasons, many of which I will explain soon. You should also understand that there are a whole lot of ways to gather the email addresses of an organization or web application we are trying to perform penetration testing on. Many of these ways are tedious, do not produce the results needed, or are simply not practical, and some are not viable when it comes to real-life applicability. You might be wondering why it is necessary to gather email addresses, but having the email addresses of people who work within an organization is useful when there is a need to perform social engineering during a penetration test, because it tells us where to channel our energy. It is also useful because it reveals the organization's email address structure, whether that is first.lastname@company.com or some other format. Below are listed ways to gather the email addresses of people who work within an organization.



Hidden Facts About Identifying a Penetration Testing Target

In cybersecurity, the term "target" can refer to a number of different things, depending on the context. Generally, a target is a specific asset or system that an attacker is seeking to compromise or exploit. It could be a computer, a network, a web application, or any other type of digital system that has vulnerabilities or weaknesses an attacker can exploit.

For the purpose of this topic, I will be reviewing some popular platforms where you can find a target to practise your penetration testing skills on, and I will also be explaining the fine print. Finally, I will be talking about the laws governing cybersecurity and penetration testing in the United Kingdom. Kindly take a few minutes to read through the disclaimer, as it will be very helpful for this topic. When it comes to finding an asset to perform tests on, there are of course penetration testing labs on platforms out there, but those labs are meant to be solved in a particular way, so you learn while solving them, yet real-life practicality is missing. It may interest you to know that there are thousands of companies out there that will let you perform penetration tests on their assets, and should you find any vulnerability or bug, you get paid. That does sound interesting, but it is no easy task. Before giving you ways to locate these companies and organisations that will let you perform penetration tests on their assets, it is best to explain the fine print behind these types of tasks so that you do not end up in jail. When these companies list an asset for penetration testing, they reasonably do not expect you to just perform DDoS using HOIC or LOIC, because that would be an unreasonable thing to do. They give out specific guidelines alongside the listing, and taking the time to read through these guidelines is what guarantees you stay a free man or woman rather than winding up in jail.
I understand there has been a lot of jail talk by now, and this is because in cybersecurity, before penetration tests can be conducted, you need to have been given consent and the go-ahead to do so. You cannot just try out things you learned online on a website that is not giving you your expected refund, or on websites you detest. It is not DONE, and you do not perform penetration testing if you have not been authorised to do so. Please do not perform penetration tests on assets if you have not been authorised to do so.

In the United Kingdom, where I reside, there are several laws that govern the conduct of penetration testing. The Computer Misuse Act 1990 is the primary legislation that covers cybercrime in the UK. It criminalizes unauthorized access to computer systems and data, as well as the distribution of malicious software. While the act does not explicitly mention penetration testing, it does provide an exemption for "the person who has the permission of the owner or other lawful authority." This means that if a penetration tester has the explicit permission of the system owner to conduct the test, they are not breaking the law. Another relevant law is the Data Protection Act 2018, which regulates the processing of personal data in the UK. It requires organizations to have appropriate safeguards in place to protect personal data from unauthorized access, use, or disclosure. During a penetration test, personal data may be accessed and processed, so it is important for testers to ensure that they have the necessary permissions and that they follow the requirements of the act. There are also industry-specific regulations that may apply to penetration testing, such as the Payment Card Industry Data Security Standard (PCI DSS) for organizations handling credit card transactions, and the General Data Protection Regulation (GDPR) for organizations operating in the European Union.
In addition to these laws, there are also best practices and guidelines that penetration testers should follow to ensure that their work is ethical and respects the rights of others. For example, the Open Web Application Security Project (OWASP) has published guidelines for ethical hacking, which include recommendations such as obtaining prior consent, avoiding damage or disruption, and respecting the privacy of individuals. In summary, the laws governing penetration testing in the UK are designed to protect against cybercrime and ensure the proper handling of personal data. As long as testers have the necessary permissions and follow the relevant laws and guidelines, they can conduct ethical hacking activities to help organizations improve their security.

Back to the topic: companies that list their assets for penetration testing give out something called "SCOPE". Now, what does scope mean in penetration testing? In the context of penetration testing, scope refers to the specific systems, networks, or applications that are included in the test. It is important to know the scope of a penetration test before tests are carried out, as it helps to ensure that the test is focused and relevant to the organization's needs. The scope of a penetration test can be determined in a number of ways, depending on the goals and objectives of the test. Some common considerations for determining the scope of a penetration test include:

- The assets or systems that are most critical to the organization's operations. These may be prioritised for testing in order to ensure that they are secure.
- The vulnerabilities or weaknesses that the organization is most concerned about. These may be the focus of the test in order to identify and address potential risks.
- The types of attacks that the organization is most likely to encounter. This may include specific types of malware, network vulnerabilities, or web application vulnerabilities.
- The resources that are available for the test. This may include the time and budget allocated for the test, as well as the



The Ultimate Guide To FINDING SUBDOMAINS

Hunting subdomains is quite important when performing a web application penetration test. To start with, it helps to understand what domains are and then what subdomains are. The simplest way to understand domain names is to see them as the address people type into a web browser's URL bar to visit a website. Domain names are registered with domain name registrars. So domain names are things like google, youtube, and tobididit. Now that we understand what domain names are, it is only proper to dive into what subdomains are and why we even need to hunt them, since that is what this topic focuses on. Subdomains are best understood as a smaller part of a much larger domain: basically a unique set of words used to create a unique web address. Why websites have subdomains when the domain is already functional is a good question to have at this point. The answer is not far-fetched: website owners tend to use them to send people to a different web address, and very often to target a specific country. Suppose a big brand like Coca-Cola, headquartered in the USA, has a market in Swaziland, where the official language is Swazi. It would be considered unfair to those customers if all of Coca-Cola's content were written in English, if they had to order by calling a USA number, and if prices were displayed in US dollars. With the help of a subdomain, Coca-Cola's URL displaying content tailored for the people of Swaziland might be www.sz.cocacola.com.

Furthermore, another thing to know about is the wildcard subdomain. A wildcard subdomain is also called a catch-all subdomain, and it can be understood from its name: a catch-all subdomain means that whether a requested subdomain exists or not, it redirects us to a specific domain name. Now I'm sure you are curious about why we do this when gathering information.
Subdomain hunting is very necessary because we might run into a subdomain that contains information that should not be visible to us, for example dev.donotsee.com or testsite.donotsee.com. Hunting subdomains during a web app pentest is important because looking only at the domain name, without checking out its subdomains, limits the information gathered. Tools that do the job include Sublist3r, crt.sh, OWASP Amass, and Tomnomnom's httprobe. Below are videos reviewing these tools; be kind enough to like the video, subscribe to the channel, and leave a comment if you find it helpful.
