https://www.shagun.xyz/categories/security/Recent content in Security on Shagun Attri | shagun.xyz | Product ManagerHugoenThis work is licensed under Creative Commons Attribution 4.0 International License.Sun, 06 Apr 2025 21:08:27 +0530https://www.shagun.xyz/blog/wiz/Mon, 31 Mar 2025 00:00:00 +0000https://www.shagun.xyz/blog/wiz/The Biggest Deal Yet in 2025 When the news broke about Google acquiring Wiz for $32 billion, I wasn’t just reading another tech headline—I was watching a chapter close in a journey I’ve been following from the trenches. Having worked in cybersecurity for a few years now, and directly with the Wiz team as part of their technology partner program for a few years, this acquisition feels personal to me in ways that most industry news doesn’t.https://www.shagun.xyz/blog/phishing/Sat, 08 Apr 2023 00:00:00 +0000https://www.shagun.xyz/blog/phishing/Often times we come across information that doesn’t really hit in the moment but one day out of the blue, it all starts making sense. Well that is how information and thinking works. Back in the day, information was guarded and not accessible to all. Education was privileged and only accessible to those who belonged to higher social status. Feels unfair, right? Why should the top 1% have all the access to years of wisdom?https://www.shagun.xyz/blog/networksecurity/Fri, 28 Jan 2022 00:00:00 +0000https://www.shagun.xyz/blog/networksecurity/This blogs covers the basic introduction of topics related to Network Security from various resources I used to learn and note my learnings about the topic. CIA Triad Confidentiality Integrity Availability DAD Triangles Disclosure Alteration Denial CIA and DAD are mutually exclusive. Want the CIA points not the DAD points Nonrepudiation Not being able to deny having sent a message Leads to integrity. Access Control Defines the degree of permission granted to a resourcehttps://www.shagun.xyz/blog/passwordtips/Thu, 11 Mar 2021 00:00:00 +0000https://www.shagun.xyz/blog/passwordtips/Tips for Better Passwords. Recently in my intership with Sennovate,I am writing a few blogs as a technical blogger regarding some security topics and tips for the internet.This one is about passwords.In a few points I have discussed about the tips I would give anyone for a better making a better password/passphrase and Internet Hygiene.So check it out and let me know if there are any other points you would like to add upon that I missed.https://www.shagun.xyz/blog/printerhacking101/Wed, 30 Sep 2020 00:00:00 +0000https://www.shagun.xyz/blog/printerhacking101/Printer Hacking Learn about (and get hands on with) printer hacking and understand the basics of IPP. Unit 2 Task #1 What port does IPP run on? Google is your friend. 63? Unit 3 Task #1 How would a simple printer TCP DoS attack look as a one-line command? Look around, the answer is hiding in plain sight. http://hacking-printers.net/wiki/index.php/Printer_Security_Testing_Cheat_Sheet while true; do nc printer 9100; ???? Task 2 Review the cheat sheet provided in the task reading above.https://www.shagun.xyz/blog/c4ptur3-th3-fl4g/Tue, 29 Sep 2020 00:00:00 +0000https://www.shagun.xyz/blog/c4ptur3-th3-fl4g/c4ptur3-th3-fl4g A beginner level CTF challenge Task #1 c4n y0u c4p7u23 7h3 f149? Understanding leet text shouldn’t be hard,and if you get stuck use Universal Leet (L337, L33T, 1337) Converter Decrypted: can you capture the flag Task #2 01101100 01100101 01110100 01110011 00100000 01110100 01110010 01111001 00100000 01110011 01101111 01101101 01100101 00100000 01100010 01101001 01101110 01100001 01110010 01111001 00100000 01101111 01110101 01110100 00100001 Straight of this is binary code and to decode it you can either use pen and paper or use rapidTables to decode the text.https://www.shagun.xyz/blog/passwordbreaches/Tue, 15 Sep 2020 00:00:00 +0000https://www.shagun.xyz/blog/passwordbreaches/Password breaches and it’s Types As a Developer and software engineer it is always a priority to make the perfect software solution with the best security policies implemented. Passwords are often a way to secure products and act as a barrier to access information of an individual or major corporations. We hear about these passwords being leaked and breached by hackers on the internet being referred to as password breaches.https://www.shagun.xyz/blog/metasploit/Sat, 12 Sep 2020 00:00:00 +0000https://www.shagun.xyz/blog/metasploit/Metasploit, an open-source pentesting framework, is a powerful tool utilized by security engineers around the world. Maintained by Rapid 7, Metasploit is a collection of not only thoroughly tested exploits but also auxiliary and post-exploitation tools. Throughout this room, we will explore the basics of using this massive framework and a few of the modules it includes. Metasploit does support different types of port scans from within the auxiliary modules. Metasploit can also import other scans from nmap and Nessus just to name a few.https://www.shagun.xyz/blog/shellscripting/Mon, 06 Jul 2020 00:00:00 +0000https://www.shagun.xyz/blog/shellscripting/Shell Scripting Shell scripting is an important utility to improve your workflow and automate tasks. Check out my Understanding the shell blogpost to understand the basics of shell. Though shell scripting is not fast as compared to your C programs it is useful if you are looking to run regular tasks and schedule jobs on your system. In this article I’ll try to highlight a few tips and ways to improve,understand shell scripting a little better.https://www.shagun.xyz/blog/shell/Tue, 30 Jun 2020 00:00:00 +0000https://www.shagun.xyz/blog/shell/Shell Bourne Again SHell, or “bash” In computing, a shell is a user interface for access to an operating system’s services. In general, operating system shells use either a command-line interface (CLI) or graphical user interface (GUI), depending on a computer’s role and particular operation. It is named a shell because it is the outermost layer around the operating system. Useful Shell Tools: grep fzf broot mlocate rg tree bat and many more……….https://www.shagun.xyz/blog/opensource/Sun, 17 May 2020 00:00:00 +0000https://www.shagun.xyz/blog/opensource/Open-Source and the free software community has flourished in the recent years with developments and collaborative projects from multi-million dollar corporations to individual ninja devs across the globe many systems across the globe rely on opensource software and their maintainers. From servers running the linux kernel to sending encrypted emails with confidential data,opensource libraries and projects have made the software world flourish with projects like flutter,to the code editor I’m using to write this blog Vscode,the framework that is used to serve this website Hugo,to the shell that I run on my computer oh-my-fish are made possible by countless opensource software contributors on platforms like Github,Gitlab and Bitbucket that have made this dream come true.https://www.shagun.xyz/blog/encoding_encryption_hashing/Mon, 04 May 2020 00:00:00 +0000https://www.shagun.xyz/blog/encoding_encryption_hashing/Encoding, Encryption, and Hashing are terms that are often confused with each other. Securing things is important and you need tools and technologies to secure products. Encoding,Encryption and hashing are techniques to convert the format of data and play a important role in the infosec world in terms of securing data. There is often significant confusion around the differences between encryption, encoding, hashing, ENCODING Encoding is to transform data so that it can be properly (and safely) be consumed by a different type of system,whether it be sending binary data over email, or viewing special characters on a web page.https://www.shagun.xyz/blog/osint/Sun, 26 Apr 2020 00:00:00 +0000https://www.shagun.xyz/blog/osint/Malicious actors have been using specially crafted tools to collect information (like the police have search tools across a number of databases) and data companies collect so much information about us that a lot of free tools (OSINT) can be used to collect that information. So, what does an innocent individual have in their arsenal to defend himself? Knowing what information is out there using OSINT tools. Digital Footprint Your digital footprint comprises every email you’ve ever sent, every post you’ve shared on social media, or every picture you’ve taken and uploaded on Instagram.https://www.shagun.xyz/blog/protecting_your_digital_self/Sat, 25 Apr 2020 00:00:00 +0000https://www.shagun.xyz/blog/protecting_your_digital_self/This simple advice will help to protect you against hackers and government surveillance. The internet today is filled with news of breached and compromised accounts on various platforms and how the governments are able to surveil there own citizens. The question now is Whether the government is the good guy or the bad guy and I certainly have had a hard time figuring it out. Well if you are like, “I got nothing to hide” then you should probably reconsider.