
Showing posts with the label Others

How to Create Telegram Notifications for Conditions in Google Sheet

Create a Bot for the Telegram Alert

- Open Telegram messenger, sign in to your account or create a new one.
- Enter @BotFather in the search tab and choose this bot. (Official Telegram bots have a blue checkmark beside their name.)
- Click “Start” to activate the BotFather bot. In response, you receive a list of commands to manage bots.
- Choose or type the /newbot command and send it.
- Choose a name for your bot; your subscribers will see it in the conversation. Then choose a username for your bot; the bot can be found by its username in searches. The username must be unique and end with the word “bot.”
- Copy the token value.

How to Create a New Bot for Telegram: https://sendpulse.com/knowledge-base/chatbot/telegram/create-telegram-chatbot

How to Get Your Telegram Chat ID: https://diyusthad.com/2022/03/how-to-get-your-telegram-chat-id.html

- In your Telegram account, search for “@myidbot” or open this link t.me/myidbot on your smartphone.
- Start a conversation with that bot and type /getid. You w...

Top 10 Must Watch Hacking Movies or Web Series

- Mr. Robot (TV Series 2015-2019)
- Citizenfour (2014)
- CyberHell (Exposing An Internet Horror)
- Hacker (2016)
- Live Free or Die Hard (2007)
- Snowden (2016)
- Blackhat (2015)
- Who Am I (2014)
- Trust No One: The Hunt for the Crypto King
- Web of Make Believe: Death, Lies and the Internet

Some Mitigation Against Phishing and MITM

- Regular phishing awareness should be done in the organization.
- Regular 2FA/MFA hacking awareness should be done in the organization.
- A phishing campaign should be run internally in the organization to check the employees' awareness.
- Reward the employees who successfully pass the internal phishing check, so that all other employees remember it.
- Reward the employees who report a phishing email or any phishing activity. This creates a positive impact in the organization and the team.
- The common misconception people have about the standard forms of MFA (SMS, Touch, Push) is that they prevent social engineering. Although MFA protects against an attack, it is commonly still vulnerable to a MITM phishing attack. Check the example of the Uber Hack 2022.
- Run a regular quiz related to phishing and reward some of the employees who pass the quiz. This will motivate others.
- Always check the domain name while entering the username and password. Make this a habit.
- Block ph...

Free Cybersecurity Certifications

- Introduction to Cybersecurity
- Cybersecurity Essentials
- Networking Essentials
- Android Bug Bounty Hunting: Hunt Like a Rat
- Ethical Hacking Essentials (EHE)
- Digital Forensics Essentials (DFE)
- Network Defense Essentials (NDE)
- Introduction to Dark Web, Anonymity, and Cryptocurrency
- AWS Skill Builder
- Introduction to Cybersecurity
- Building a Cybersecurity Toolkit
- Cyber Aces Free Cyber Security Training Course
- Introduction to Information Security
- Penetration Testing - Discovering Vulnerabilities

How to install Kali Linux in Windows 10

Steps:

1. Install WSL2. Open PowerShell as Administrator and run the below command. If it's already installed, it will show you WSL options. Restart the system.

    wsl --install

    https://docs.microsoft.com/en-us/windows/wsl/install

2. In PowerShell, run the below command and restart the system.

    Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux

3. In PowerShell, run the below commands.

    dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart
    dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart

4. Download the Linux kernel and install it.

    https://wslstorestorage.blob.core.windows.net/wslblob/wsl_update_x64.msi

5. Open PowerShell and run the below command to set WSL2 as the default version.

    wsl --set-default-version 2

6. Recheck the WSL version in PowerShell.

    wsl --list --verbose

7. Install your Linux distribution from the Microsoft store. https://aka.ms/wslstore Ubuntu 18.04 L...

My Offensive Security Certified Professional (OSCP) Helping Guide

Privilege Escalation

- Linux Privilege Escalation · OSCP - Useful Resources
- Privilege Escalation - Windows · Total OSCP Guide
- Linux Privilege Escalation using Sudo Rights
- Abusing SUDO (Linux Privilege Escalation) - Touhid M.Shaikh
- Basic Linux Privilege Escalation
- rebootuser/LinEnum: Scripted Local Linux Enumeration & Privilege Escalation Checks
- Windows Privilege Escalation · OSCP - Useful Resources
- Spawning a TTY Shell
- Linux Privilege Escalation Using PATH Variable
- Windows Weak Service Permissions | Penetration Testing Lab
- Windows elevation of privileges
- Windows Privilege Escalation - AwanSec
- OSCP Notes – Privilege Escalation (Windows) – Securism
- FuzzySecurity | Windows Privilege Escalation Fundamentals
- Start or stop Windows service from command line (CMD)

Reverse Shell

- php-reverse-shell | pentestmonkey
- Reverse Shell Cheat Sheet | pentestmonkey
- jondonas/linux-exploit-suggester-2: Next-Generation Linux Kernel Exploit Suggester
- OSCP-PwK/check-exploits.py at master · so87/OSCP-PwK
- OSCP-...

How to remove all whitespace from a file

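    # Remove every run of whitespace inside each line (line breaks are kept)
    sed -r 's/\s+//g' filename.txt

    # Delete spaces, tabs and carriage returns (line breaks are kept)
    cat filename.txt | tr -d " \t\r"

    # Drop empty lines, then remove spaces and tabs from the remaining lines
    cat filename.txt | sed '/^$/d;s/[[:blank:]]//g'

    # Remove the spaces from a string
    echo "Hello my name is Donald" | sed 's/ //g'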

What is Certificate Transparency?

Certificate Transparency is an open-source framework under which certificate authorities (CAs) log the certificates they issue, so that the logs are visible to domain name owners. In this way, anyone can see which CA has issued a certificate for which domains. It is like an inventory of all certificates, certificate authorities, and domains.

Why do we need Certificate Transparency?

- By compromising the infrastructure of a certificate authority, an adversary can have certificates issued maliciously by that certificate authority without the consent of the CA.
- The certificate authority can mistakenly issue a certificate to the wrong owner.

The problem with the previous CA infrastructure was that there was no effective way to audit or monitor SSL certificates in real time. So, when any missteps or malicious activities happened, the suspect certificate was usually not detected and revoked for weeks or months. These mis-issued certificates were used to spoof a legitimate website or to install malicious software etc...

How does a website holder get a certificate from the certificate authority?

- The website holder generates the “public key” and “private key”.
- The website holder sends the “public key”, with some other information like holder name, subject, serial number, signature algorithm, signature, etc., to the certificate authority.
- The certificate authority verifies the data provided by the website holder, then builds the certificate and finally digitally signs it for the holder. A certificate is a document that contains necessary information about the website holder, like the holder's public key, expiration date, name of the certificate holder, and the digital signature of the certificate-issuing authority.
- The CA sends the certificate to the website holder.
- The holder configures the certificate on the server.

Domain Name System Security Extensions (DNSSEC)

Domain Name System Security Extensions (DNSSEC) is used to protect the integrity and authenticity of the data in DNS by establishing a chain of trust. Before looking at DNSSEC, first understand the basics of DNS.

What are the DNS functionalities?

DNS is used to translate domain names to IP addresses or vice versa. DNS works on both TCP and UDP but normally works on UDP port 53. TCP port 53 is used for very large requests and responses, for example, Zone Transfer.

    www.example.com = 192.168.1.10
    192.168.1.10 = www.example.com

Why DNS?

Domain names are alphabetic and easier to remember, which is why we use domain names. In the old solution, the host.txt file that was distributed to all hosts on the Internet needed to be regularly updated. Issues with the old solution are:

- The file becomes huge after some time
- Need to regularly update
- Need to maintain name uniqueness

How does it work?

When you enter a domain name in the browser ( www.google.com ), it first tri...