miércoles, 31 de mayo de 2023

Top Users Command In Linux Operating System With Descriptive Definitions


Linux is a command line interface and has a graphical interface as well. But the only thing we should know how we interact with Linux tools and applications with the help of command line. This is the basic thing of Linux.  As you can do things manually by simple clicking over the programs just like windows to open an applications. But if you don't have any idea about commands of Linux and definitely you also don't know about the Linux terminal. You cannot explore Linux deeply. Because terminal is the brain of the Linux and you can do everything by using Linux terminal in any Linux distribution. So, if you wanna work over the Linux distro then you should know about the commands as well.
In this blog you will get a content about commands of Linux which are collectively related to the system users. That means if you wanna know any kind of information about the users of the system like username passwords and many more.

id

The "id" command is used in Linux operating system for the sake of getting knowledge about active user id with login and group. There may be different users and you wanna get a particular id of the user who is active at that time so for this you just have to type this command over the terminal.

last

The "last" command is used in Linux operating system to show the information about the last logins on the system. If you forget by which user id you have logged in at last time. So for this information you can search login detail by using this command.

who

The "who" command is used in Linux distributions to display the information about the current user which a an active profile over the Linux operating system. If you are in the system and you don't know about that active user and suddenly you have to know about that user detail so you can get the info by using this command.

groupadd

The "groupadd admin" is the command which is used in Linux operating system to add a group in the Linux system to gave the privileges to that group.

useradd

The "useradd" command is used in Linux operating system to add user or users to a specific group. If you wanna add a user name Umer so for this matter you just have to write a command i.e. useradd -c "Umer".

userdel

The "userdel" command is used in Linux operating system for the purpose to delete any user or users from the particular group present in the linux operating system. For example "userdel Umer" this command will delete the user named Umer.

adduser

The "adduser" command is a simple command used to create directly any user in the system. There is no need to make a group for this. You just have to type the command with user name like adduser Umer, it will created a user by name Umer.

usermod

The "usermod" is a command used in Linux operating system to modify the information of any particular user. You can edit or delete information of any particular user in the Linux operating system.


More articles


Publicado por en No hay comentarios:

How Do I Get Started With Bug Bounty ?

How do I get started with bug bounty hunting? How do I improve my skills?



These are some simple steps that every bug bounty hunter can use to get started and improve their skills:

Learn to make it; then break it!
A major chunk of the hacker's mindset consists of wanting to learn more. In order to really exploit issues and discover further potential vulnerabilities, hackers are encouraged to learn to build what they are targeting. By doing this, there is a greater likelihood that hacker will understand the component being targeted and where most issues appear. For example, when people ask me how to take over a sub-domain, I make sure they understand the Domain Name System (DNS) first and let them set up their own website to play around attempting to "claim" that domain.

Read books. Lots of books.
One way to get better is by reading fellow hunters' and hackers' write-ups. Follow /r/netsec and Twitter for fantastic write-ups ranging from a variety of security-related topics that will not only motivate you but help you improve. For a list of good books to read, please refer to "What books should I read?".

Join discussions and ask questions.
As you may be aware, the information security community is full of interesting discussions ranging from breaches to surveillance, and further. The bug bounty community consists of hunters, security analysts, and platform staff helping one and another get better at what they do. There are two very popular bug bounty forums: Bug Bounty Forum and Bug Bounty World.

Participate in open source projects; learn to code.
Go to https://github.com/explore or https://gitlab.com/explore/projects and pick a project to contribute to. By doing so you will improve your general coding and communication skills. On top of that, read https://learnpythonthehardway.org/ and https://linuxjourney.com/.

Help others. If you can teach it, you have mastered it.
Once you discover something new and believe others would benefit from learning about your discovery, publish a write-up about it. Not only will you help others, you will learn to really master the topic because you can actually explain it properly.

Smile when you get feedback and use it to your advantage.
The bug bounty community is full of people wanting to help others so do not be surprised if someone gives you some constructive feedback about your work. Learn from your mistakes and in doing so use it to your advantage. I have a little physical notebook where I keep track of the little things that I learnt during the day and the feedback that people gave me.


Learn to approach a target.
The first step when approaching a target is always going to be reconnaissance — preliminary gathering of information about the target. If the target is a web application, start by browsing around like a normal user and get to know the website's purpose. Then you can start enumerating endpoints such as sub-domains, ports and web paths.

A woodsman was once asked, "What would you do if you had just five minutes to chop down a tree?" He answered, "I would spend the first two and a half minutes sharpening my axe."
As you progress, you will start to notice patterns and find yourself refining your hunting methodology. You will probably also start automating a lot of the repetitive tasks.

Continue reading


Publicado por en No hay comentarios:

Networking | Routing And Switching | Tutorial 2 | 2018


Welcome to my 2nd tutorial of the series of networking. In this video I've briefly described peer to peer network (P2P). Moreover, you'll see how to make a peer to peer network? How it's working? How we can intercept traffic over the network by using Wireshark? and many more. Wireshark tool is integrated with eNSP so it'll be installed automatically when you install the eNSP. On the other hand, you can install the Wireshark for your personal use from its website.

What is Peer to Peer (P2P) network? 

As when devices are connected with each other for the sake of communication that'll be known as a Network. Now what is peer to peer network? In P2P network each and every device is behaving like a server and a client as well. Moreover They are directly connected with each other in such a way that they can send and received data to other devices at the same time and there is no need of any central server in between them.

There is a question that mostly comes up into our minds that  Is it possible to capture data from the network? So the answer is yes. We can easily captured data from the network with the help of tools that have been created for network troubleshooting, so whenever there will be some issues happening to the network so we fixed that issues with the help of tools. Most usable tool for data capturing that every network analyst used named Wireshark but there are so many other tools available over the internet like SmartSniff, Ethereal, Colasoft Capsa Network Analyze, URL Helper, SoftX HTTP Debugger and many more.

What is Wireshark?

Wireshark is an open source network analyzer or sniffer used to capture packets from the network and tries to display the brief information about the packets. It is also used for software and communication protocol development. Moreover, Wireshark is the best tool to intercept the traffic over the network.


Continue reading


Publicado por en No hay comentarios:

martes, 30 de mayo de 2023

$$$ Bug Bounty $$$

What is Bug Bounty ?



A bug bounty program, also called a vulnerability rewards program (VRP), is a crowdsourcing initiative that rewards individuals for discovering and reporting software bugs. Bug bounty programs are often initiated to supplement internal code audits and penetration tests as part of an organization's vulnerability management strategy.




Many software vendors and websites run bug bounty programs, paying out cash rewards to software security researchers and white hat hackers who report software vulnerabilities that have the potential to be exploited. Bug reports must document enough information for for the organization offering the bounty to be able to reproduce the vulnerability. Typically, payment amounts are commensurate with the size of the organization, the difficulty in hacking the system and how much impact on users a bug might have.


Mozilla paid out a $3,000 flat rate bounty for bugs that fit its criteria, while Facebook has given out as much as $20,000 for a single bug report. Google paid Chrome operating system bug reporters a combined $700,000 in 2012 and Microsoft paid UK researcher James Forshaw $100,000 for an attack vulnerability in Windows 8.1.  In 2016, Apple announced rewards that max out at $200,000 for a flaw in the iOS secure boot firmware components and up to $50,000 for execution of arbitrary code with kernel privileges or unauthorized iCloud access.


While the use of ethical hackers to find bugs can be very effective, such programs can also be controversial. To limit potential risk, some organizations are offering closed bug bounty programs that require an invitation. Apple, for example, has limited bug bounty participation to few dozen researchers.
More articles
Publicado por en No hay comentarios:

October 2019 Connector

OWASP
Connector
October 2019

COMMUNICATIONS


Letter from the Vice Chairman of the Board

Dear OWASP Community,  

Two of the primary initiatives the foundation staff has been working on over the past few months were the two back to back Global AppSec Events in DC and Amsterdam.  This was a huge undertaking by everyone involved.  We are pleased to announce that the survey feed back is positive and both events were well attended.  I was in attendance of Global AppSec Amsterdam and it was great meeting and speaking with old friends and meeting new ones.  I would also like to take this opportunity, on behalf of the board to thank OWASP staff for their efforts in making the two conferences so successful. 

To continuing on with the events theme; I'm really happy to announce the locations of our 2020 OWASP Global AppSec Conferences.  The first one will be June 15 - 19, 2020 in Dublin and the second will be October 19 - 23, 2020 in San Francisco.  Dublin is not an exotic trip for me, more of a 10 minute tram ride.  Hopefully you will join us, while also making the most of the culture and scenery that Ireland has to offer.   

Last but not least, the OWASP Global Board of Directors election results where released Thursday October 17, 2019. I'd like to first thank everyone who has put their trust in me by voting me back onto the board for the next two years. I hope I do you justice.

I would also like to thank the large number of candidates that were willing to give of their personal time and run to be part of the Global OWASP Board.  This is a testament of the dedication and commitment of our members to continue to grow and evolve to the next level as an organization.  I encourage those that were not elected will still be involved in making a positive change by volunteering to be part of a committee.  The board and staff need all the help they can get to push through change. I hope you will join us in this journey.  We can not be successful without the help of the community. 

Until next time, 
Owen Pendlebury 
Vice Chairman, OWASP Global Board of Directors 
OWASP Global Board Election Results 
 
The newly elected 2020 OWASP Board Members:
Grant Ongers
Owen Pendlebury
Sherif Mansour
Vandana Verma Sengal
 
Congratulations, and thank you to all the candidates that participated and the OWASP members that voted. 
OWASP Foundation Global AppSec Event Dates for 2020

Global AppSec Dublin, June 15 - 19, 2020

Global AppSec San Francisco, October 19 - 23, 2020


Visit our website for future announcements.

EVENTS 

You may also be interested in one of our other affiliated events:


REGIONAL EVENTS
Event Date Location
BASC 2019 (Boston Application Security Conference) October 19,2019 Burlington, MA
LASCON X October 24 - 25, 2019 Austin, TX
OWASP AppSec Day 2019 Oct 30 - Nov 1, 2019 Melbourne, Australia
German OWASP Day 2019 December 9 - 10, 2019 Karlsruhe, Germany
AppSec California 2020 January 21 - 24, 2020 Santa Monica, CA
OWASP New Zealand Day 2020 February 20 - 21, 2020 Auckland, New Zealand
Seasides 2020 March 3 - 5, 2020 Panjim Goa, India
SnowFROC 2020 March 5, 2020 Denver, CO

GLOBAL PARTNERSHIP EVENTS
Event Date Location
BlackHat Europe 2019 December 2 - 5, 2019 London


BlackHat Europe 2019 London at EXCEL London
2019 December 2-5 
Visit the OWASP Booth 1015
Business Hall December 4 & 5 
December 4, 10:30 AM - 7:00 PM
December 5: 10:00 AM - 4:00 PM

OWASP Members are eligible for € 200.00 discount , email marketing@owasp.org for code to use when registering.

PROJECTS

Projects were well-represented at the previous two Global AppSec conferences in DC and Amsterdam this past month.  Both events featured the popular Project Showcase and I heartily thank the leaders of the projects who participated:

Secure Medical Device Deployment Standard
Secure Coding Dojo
API Security Project
Dependency Check
SAMM
SEDATED
DefectDojo
Juice Shop
ModSecuity Core Rule Set
SecurityRAT
WebGoat

These leaders put on a great set of presentations and, in many cases, the room was standing room only.  Thank you!

The project reviews that were done in DC and Amsterdam are still being evaluated and worked on; if you are waiting on answers, please have patience.  I hope to have them finalized by November.

The website migration continues moving forward.  The process of adding users to the proper repositories is an on-going effort.  If you have not given your GitHub username, please drop by the Request for Leader Github Usernames form.  A nice-to-accomplish goal would be to have the projects and chapters in their new website homes within the next 30 days.

Harold L. Blankenship
Director of Technology and Projects

COMMUNITY

Welcome to the New OWASP Chapters 
Sacramento, California
Marquette, Michigan
Ranchi, India
Paraiba, Brazil
Calgary, Canada 

CORPORATE MEMBERS 

 
Premier Corporate Member
Contributor Corporate Members

*Ads and logos are not endorsements and reflect the messages of the advertiser only. *
Join us
Donate
Our mailing address is:
OWASP Foundation 
1200-C Agora Drive, #232
Bel Air, MD 21014  
Contact Us
Unsubscribe






This email was sent to *|EMAIL|*
why did I get this?    unsubscribe from this list    update subscription preferences
*|LIST:ADDRESSLINE|*

Publicado por en No hay comentarios:
Suscribirse a: Entradas (Atom)