Learn As I Learn

Episode 5: Firewall & Proxy Bypassing: Metasploitfor Web Recon Description: Think like an attacker! In this lab-focusedepisode, use Metasploit to perform advanced web server fingerprinting, scan forHTTP methods (GET, POST, PUT, DELETE), check for WebDAV vulnerabilities, anddiscover hidden directories. Understand how these techniques help attackersidentify initial entry points.

DHCP Dynamics: Implementing a DHCP Server in WindowsServer 2022 Description: Automate IP address assignment! Learn how toinstall and configure a DHCP server on Windows Server 2022. We'll cover settingup scopes, defining IP ranges, and verifying automatic IP distribution toclient machines like Kali Linux.

Episode 3: DNS Demystified: Installing a DNS Server in Windows Server 2022 Description: Get fluent in DNS! This episode walks you through installing and configuring a DNS server on Windows Server 2022. You'll learn to set up zones, create host records (A, MX, CNAME), and prepare Kali Linux as a DNS client to test name resolution.

Episode 1: Network Basics: Hubs vs. Switches Explained Description: Understand the core of your network! This episode uses Packet Tracer to illustrate the fundamental differences between hub and switched networks. See how data flows, the impact on efficiency, and the security implications of each.

Episode 2: Building Networks: Designing and Subnetting IP Schemes Description: Become a network architect! Learn to design and subnet IP address schemes in a simulated environment using Packet Tracer. We'll configure IP addresses for PCs and routers across different subnets and verify connectivity, essential for scalable and secure networks.

We'll cover:1. Network Basics: Hubs vs. Switches2. Building Networks: Designing andSubnetting IP Schemes Description 3.DNS Demystified: Installing a DNS Serverin Windows Server 2022 Description4: DHCP Dynamics: Implementing a DHCP Serverin Windows Server 2022 Description5: Firewall & Proxy Bypassing: Metasploitfor Web Recon Description6: Firewall & Proxy Bypassing: Nikto forEvasion & Vulnerability Scanning Description7: Vulnerability Assessment: Real-timeScanning with Nessus Description8: Network Traffic Analysis: TCP/IP, UDP, andWireshark Flags Description9: IDS/IPS Evasion & Deceptionstudy intruders.10: Web Server Security: Architecture, AttackSurface & Hardening Description

Episode 10: Locking It Down: Restricting User Accesswith File Permissions Description: Secure your sensitive data! Learn thecritical skill of restricting user access to folders using NTFS permissions inWindows Server 2022. We'll demonstrate creating new users, setting explicit"Deny" permissions, and verifying their effectiveness, highlightingthe importance of granular access control.

Episode 9: Files & Formats: Working with FAT32 andNTFS Description: Demystify file systems! This episode guides youthrough creating and managing files in both FAT32 and NTFS formats on WindowsServer 2022. You'll learn how to format drives, perform file operations, verifyallocation, and configure advanced NTFS permissions for security.

Dig deep into system memory! Learn how to illustrate the memory layout of a basic program and use advanced PowerShell commands (WMI, security-focused queries) todebug, check process integrity, detect DLL injections, and identify suspicious processes on Windows Server 2022.Commands:Get-Process | Where-Object { $_.ProcessName -eq "notepad" }Get-WmiObject -Class Win32_OperatingSystem | Select-Object TotalVisibleMemorySize, FreePhysicalMemoryGet-ProcessGet-WmiObject -Class Win32_Process | Select Name, ProcessId, ExecutablePath. For new powershell version simply use: Get-Process | Select-Object Name, Id, PathGet-WmiObject -Class Win32_Process | Select-Object Name, ProcessId, ParentProcessIdGet-WmiObject -Class Win32_Process -Filter "Name = 'notepad.exe'" | Select-Object ProcessId, Name, @{Name='Owner';Expression={$_.GetOwner().User}}Get-Process -Name notepad | Select-Object -ExpandProperty Modules | Select ModuleName, FileNameGet-WmiObject Win32_Process | Where-Object { $_.ExecutablePath -and ($_.ExecutablePath -notlike "C:\Windows\*" -and $_.ExecutablePath -notlike "C:\Program Files\*") } | Select Name, ProcessId, ExecutablePathGet-Process | Where-Object { $_.Modules.ModuleName -contains "ntdll.dll" }Get-WmiObject Win32_Process | Select-Object Name, ProcessId, CommandLineGet-Process | Sort-Object StartTime -Descending | Select-Object Name, Id, StartTime | Select-Object -First 10

Don't let errors stop you! This episode focuses on practical debugging techniques for both PowerShell and Bash scripts. We'll intentionally introduce common errors (like typos or wrong parameters) and walk through how to identify and fix them, building crucial troubleshooting skills.Powershell Script:#Script to log multiple event IDs$BeginTime = (Get-Date).AddMinutes(-20)Get-EventLog -LogName "Securityy" -After $BeginTime |Where-Object { $_.EventID -in '4624', '4625'} |Select-Object TimeGenerated, EventID, Message |Format-Table -AutoSize |Out-Files C:\EventLogs_MultipleEvents.txtBASH Script:#!/bin/bash#VariablesUSERNAME="testuser" # User accountnamePASSWORD="P@ssw0rd" # User passwordGROUP="testgroup" # Custom groupnameSSH_DIR="/home/$USERNAME/.ssh"PUB_KEY="ssh-rsa AAAAB3...your-public-key... user@kali"#Step 1: Check ifuser already existsif id "$USERNAME" &>/dev/null; then  echo "Error: User '$USERNAME'already exists!"  exit 1fi#Step 2: Create userand set passwordecho "Creating user '$USERNAME'..."useradd -m -n -s /bin/bash "$USERNAME" # Error 1: -n is an invalidoptionif [ $? -ne 0 ]; then  echo "Error: Failed to create user'$USERNAME'"  exit 1fiecho "$USERNAME:$PASSWORD" | chpasswdecho "Password set for user '$USERNAME'."#Step 3: Add user tosudoersecho "Granting sudo access to '$USERNAME'..."usermod -aG sudo "$USERNAME"if [ $? -ne 0 ]; then  echo "Error: Failed to add'$USERNAME' to sudoers"  exit 1fi#Step 4: Createcustom group and add userecho "Creating group '$GROUP' and adding user..."groupadd "$GROUP" 2>/dev/nullusermod -aG "wronggroup" "$USERNAME" # Error 2:"wronggroup" does not existif [ $? -ne 0 ]; then  echo "Error: Failed to add'$USERNAME' to group '$GROUP'"  exit 1fi#Step 5: Setup SSHkey-based authenticationecho "Setting up SSH key-based authentication..."mkdir -p "$SSH_DIR"echo "$PUB_KEY" > "$SSH_DIR/authorized_keys"chmod 600 "$SSH_DIR/authorized_keys"chmod 700 "$SSH_DIR"chown -R "$USERNAME:$USERNAME" "$SSH_DIR"if [ $? -ne 0 ]; then  echo "Error: Failed to set up SSHkeys"  exit 1fiecho "SSH keys configured for '$USERNAME'."#Step 6: Setpassword expiry to 30 daysecho "Setting password expiry policy for '$USERNAME'..."chage -M 30 "$USERNAME"if [ $? -ne 0 ]; then  echo "Error: Failed to setpassword expiry"  exit 1fi#Step 7: Logactivity to/var/log/user_setup.logLOG_FILE="/var/log/user_setup.log"echo "$(date) - User '$USERNAME' created and configured" >>"$LOG_FILE"if [ $? -ne 0 ]; then  echo "Error: Failed to write logto $LOG_FILE"  exit 1fi#Step 8:Confirmation Messageecho "Testing SSH connection to '$USERNAME'@localhosts..."ssh "$USERNAME@localhost"if [ $? -ne 0 ]; thenecho "Error: SSH connection failed."exit 1fiecho "User '$USERNAME' created and configured successfully!"

Master automation in Linux with Bash scripts! Discover how to create and debug scripts for user setup, including creating new users, setting passwords, adding them to groups, configuring SSH key-based login, and setting password expiry. We’ll also cover testing and verification.Script:#!/bin/bash#VariablesUSERNAME="Jason" # User account namePASSWORD="P@ssw0rd" # User passwordGROUP="developers" # Custom group nameSSH_DIR="/home/$USERNAME/.ssh"PUB_KEY="ssh-rsa AAAAB3...your-public-key... user@kali" # Replace with your actual public key#Step 1: Check if user already existsif id "$USERNAME" &>/dev/null; then  echo "Error: User '$USERNAME' already exists!"  exit 1fi#Step 2: Create user and set passwordecho "Creating user '$USERNAME'..."useradd -m -s /bin/bash "$USERNAME" if [ $? -ne 0 ]; then  echo "Error: Failed to create user '$USERNAME'"  exit 1fiecho "$USERNAME:$PASSWORD" | chpasswd echo "Password set for user '$USERNAME'."#Step 3: Add user to sudoersecho "Granting sudo access to '$USERNAME'..."usermod -aG sudo "$USERNAME" if [ $? -ne 0 ]; then  echo "Error: Failed to add '$USERNAME' to sudoers"  exit 1fi#Step 4: Create custom group and add userecho "Creating group '$GROUP' and adding user..."groupadd "$GROUP" 2>/dev/null usermod -aG "$GROUP" "$USERNAME" if [ $? -ne 0 ]; then  echo "Error: Failed to add '$USERNAME' to group '$GROUP'"  exit 1fi#Step 5: Setup SSH key-based authenticationecho "Setting up SSH key-based authentication..."mkdir -p "$SSH_DIR" echo "$PUB_KEY" > "$SSH_DIR/authorized_keys" chmod 600 "$SSH_DIR/authorized_keys" chmod 700 "$SSH_DIR" chown -R "$USERNAME:$USERNAME" "$SSH_DIR" if [ $? -ne 0 ]; then  echo "Error: Failed to set up SSH keys"  exit 1fiecho "SSH keys configured for '$USERNAME'."#Step 6: Set password expiry to 30 daysecho "Setting password expiry policy for '$USERNAME'..."chage -M 30 "$USERNAME" if [ $? -ne 0 ]; then  echo "Error: Failed to set password expiry"  exit 1fi#Step 7: Log activity to /var/log/user_setup.logLOG_FILE="/var/log/user_setup.log" echo "$(date) - User '$USERNAME' created and configured" >> "$LOG_FILE" if [ $? -ne 0 ]; then  echo "Error: Failed to write log to $LOG_FILE"  exit 1fi#Step 8: Confirmation Messageecho "User '$USERNAME' created and configured successfully!"

Unlock automation on Windows! We'll start with PowerShell basics, showing you how to write, execute, and expand simple scripts to display messages, get dates, list processes, and manage services. Learn to automate tasks efficiently on Windows Server 2022.Commands:.\WelcomeScript.ps1Get-DateGet-ProcessGet-Service | Where-Object { $_.Status -eq 'Running' }Get-WmiObject -Class Win32_Product | Select-Object Name,VersionGet-NetIPAddress

Explore active information gathering in Linux! This episode teaches you how to enumerate a vulnerable Bee-Box machine using Kali Linux tools. You'll learn Nmap for identifying open ports and services, and Metasploit for deeper SMTP enumeration, strengthening your reconnaissance skills.Link: Bee-Box official download pageCommands: nmap -Pn -sS –sV <Bee-Box IP Address>nmap -Pn -sS -sV -p 25 <Bee-Box IP Address>auxiliary/scanner/smtp/smtp_enumset RHOSTS <IP of the Bee-Box>set THREADS <Number of Logical Processors>

Uncover the hidden information on Windows systems! Learn how to use Microsoft's powerful PsTools suite to gather system information, track user sessions, enumerate services, and analyze event logs on a Windows Server 2022. We'll explorecommands like pslist.exe, psloglist.exe, and saving output to files.PsTools Link: https://learn.microsoft.com/en-us/sysinternals/downloads/pstools.Commands: .\pslist.exe.\psloggedon.exe.\psloglist.exe.\psservice.exeSave output by:.\psloglist.exe >> C:\Logdata.txt

Get your target ready! This episodeguides you through downloading and setting up a Windows Server 2022 virtualmachine within VMware. We'll walk through the installation processstep-by-step, preparing a vulnerable environment for your ethical hacking adventures.Link I used for myself: https://www.microsoft.com/en-us/evalcenter/download-windows-server-2022.

Episode 1: Building Your Digital Lab – VMware & Kali Linux SetupKick off your cybersecurity journey with the essentials! In this episode, we guide you through creating a secure virtualized environment by installing VMware Workstation and setting up your Kali Linux virtual machine for penetration testing. From downloading the ISO to configuring your VM settings, we’ll walk you through every step to build your personal digital lab.👉 Download VMware Workstation here: https://www.techspot.com/downloads/189-vmware-workstation-for-windows.html

🎙️ Series 4: Laying the FoundationsKickstart your cybersecurity journey with hands-on labs and real-world skills! In this series, we’ll set up virtual machines, explore Windows and Linux systems, and dive into scripting, debugging, and securing environments. Perfect for beginners and aspiring ethical hackers.Episodes:1️⃣ Building Your Digital Lab – Set up VMware Workstation and Kali Linux for penetration testing.2️⃣ Deploying Your Target – Install Windows Server 2022 as a vulnerable lab machine.3️⃣ Windows Deep Dive – Use PsTools to enumerate users, services, and event logs.4️⃣ Linux Reconnaissance – Master Nmap and Metasploit against a Bee-Box target.5️⃣ Powering Up with PowerShell – Learn the basics of scripting and automation on Windows.6️⃣ Bash Scripting Essentials – Automate user management and SSH setup in Kali Linux.7️⃣ Debugging Your Code – Fix common PowerShell and Bash scripting errors.8️⃣ Memory Matters – Explore program memory layouts and forensic queries with PowerShell.9️⃣ Files & Formats – Work with FAT32 and NTFS, file operations, and permissions.🔟 Locking It Down – Restrict user access and secure folders with NTFS permissions.

Bring all concepts together and let's start working on security together

People - Both strongest and the weakest links

GRC - Governance, Risk and Compliance -> Team leading security at every organization

In this episode, we dive into building breach-ready systems with strong incident detection and response strategies. Learn how to identify threats early, contain damage, and recover fast.

Let's learn about how to secure your infrastructure

Let's start by understanding the first step of building a cyber citadel

Today, we're diving headfirst into the fascinating world of Security and Risk Management.

Get ready to refresh your memory about data protection

During the initial stages of product design, security architects usually come into the picture and perform threat analysis using threat modeling.

Understand what security architects look for in a product

It's time to make it real and start connecting the product worldwith cyber.

In Series 2, Episode 16, uncover the perils of improper authentication methods in the digital landscape. Join us as we dissect real-world cases, highlighting the consequences of weak authentication practices and providing essential guidance on fortifying online security protocols.

In Series 2, Episode 15, delve into the realm of cybersecurity as we explore Insecure Direct Object References (IDOR). Uncover the vulnerabilities and risks associated with IDOR, gaining crucial insights into safeguarding digital assets against unauthorized access and manipulation.

In Series 2, Episode 14, unravel the intricate world of cookies, session management, and secure flags. Delve into best practices and security measures, discovering how these elements impact user authentication and privacy, ensuring a safer digital environment for all.

In Series 2, Episode 13, demystify web security jargon with a deep dive into CSP, SOP, and CORS. Explore the complexities and nuances of Content Security Policy, Same-Origin Policy, and Cross-Origin Resource Sharing, equipping yourself with essential knowledge for a safer online experience.

In Series 2, Episode 12, unravel the secrets of web application security through HTTP headers. Explore the pivotal role these headers play in fortifying your web apps, empowering you with invaluable insights to bolster your online defenses.

In Series 2, Episode 11, unravel the critical importance of server-side validation in cybersecurity. Join us as we dissect real-world scenarios, shedding light on why robust server-side validation is the cornerstone of digital defense strategies.

Dive into the world of cybersecurity with our podcast, exploring defense in depth strategies through real-life examples. Discover the power of client and server-side validation techniques, safeguarding digital landscapes one layer at a time. Client side validation: // Client-side validation for a registration form function validateForm() {     var username = document.forms["registrationForm"]["username"].value;     var password = document.forms["registrationForm"]["password"].value;         // Check if username and password are not empty     if (username == "" || password == "") {         alert("Username and password must be filled out");         return false; // Prevent form submission     }         // Check if password is at least 8 characters long     if (password.length < 8) {         alert("Password must be at least 8 characters long");         return false; // Prevent form submission     } } Server side validation: const express = require('express'); const bodyParser = require('body-parser'); const app = express();   // Middleware to parse incoming JSON requests app.use(bodyParser.json());   // POST endpoint for user registration app.post('/register', (req, res) => {     const username = req.body.username;     const password = req.body.password;       // Server-side validation     if (!username || !password) {         return res.status(400).json({ error: "Username and password are required" });     }       // Perform further validation checks and save user data to the database     // ...       return res.status(200).json({ message: "Registration successful" }); });   // Start the server app.listen(3000, () => {     console.log('Server is running on port 3000'); });

Join us in this illuminating podcast episode as we explore the vital concept of 'Data Escaping' in web app security. Discover how this technique acts as a crucial shield, ensuring that user input is handled safely, preventing data breaches, and maintaining the integrity of your web application. Don't miss this essential guide to keeping your online platform secure! Codes referred in the episodes: User inputs: "Hey, check outthis& that! " Data Escaping: "Hey, check outthis& that! " User Inputs: "Please input your <script>alert('Hello, XSS!');</script>here." Data escaping: "Please input your <script>alert('Hello, XSS!');</script> here. "

In this eye-opening podcast episode, we unlock the secrets of web app security, offering practical insights and expert tips to help you fortify your online presence and shield your web applications from potential threats. Tune in to safeguard your digital world!

Join us in this engaging podcast episode as we dive into the 'Secure by Design' security principle, uncovering how it empowers individuals and organizations to take proactive steps towards protecting their digital assets in today's interconnected world.

Join us in this insightful podcast episode as we unravel the core principles of GAPP (Generally Accepted Privacy Principles), delving into how they safeguard your digital privacy and shape the future of data protection.

Unlock the secrets of robust cybersecurity practices with Series 2: Ep 5 of our podcast, where we demystify the NIST 800-53 and NIST Framework, empowering you to fortify your digital infrastructure against cyber threats.

Join us in Series 2: Ep 4 of our podcast as we unravel the crucial world of cybersecurity standards, regulations, and principles, arming you with the knowledge to safeguard against digital threats and protect your digital assets.

In this informative podcast, we unravel the fundamental principles of the CIA triad - Confidentiality, Integrity, and Availability - and how these three pillars form the cornerstone of information security in our interconnected world. Join us as we discuss how the CIA triad is applied across various industries and explore its crucial role in safeguarding sensitive data, preserving data accuracy, and ensuring continuous access to critical resources.

In this episode, we delve into a real-world defense in depth example: how modern cybersecurity strategies implement a multi-tiered approach to fortify data and systems, combining firewalls, encryption, access controls, and monitoring to ensure digital defenses are resilient against cyber attacks.

Let us learn about Defense in Depth (DiD) - a cybersecurity strategy that employs multiple layers of security controls to safeguard systems and data, making it harder for attackers to breach and ensuring resilience against potential threats.

In this informative podcast episode, we unravel the inner workings of the Domain Name System (DNS) and its vital role in internet communication. Join me as we explore the intricate processes of domain name resolution, DNS servers, and caching, shedding light on how this fundamental system enables seamless web browsing and connects us to websites across the globe.

In this captivating podcast episode, we unravel the mysteries of encryption, encoding, decoding, and steganography. Join us as we delve into the world of secure communication, exploring the techniques used to protect data, hide messages in plain sight, and decode information, shedding light on the fascinating intersection of technology and secrecy.

In this podcast episode, we explore the world of Single Sign-On (SSO), a streamlined authentication method that allows users to access multiple applications and systems with just one set of credentials. Join me as I dive into this concept.

MFA (Multi-Factor Authentication) is a security measure that requires users to provide two or more pieces of evidence, such as a password and a fingerprint, to verify their identity and gain access to a system or application, adding an extra layer of protection against unauthorized access. Want to know more? Tune in!

Firewalls is a term that everyone talks about. So if you want to know what exactly this in, simply tune in!

Confused about the difference between VPN and Proxy? Well, that is what I am here to explain!