Port Scanning Methods
List of Port Scanning Methods: TCP UDP NULL FIN XMAS ACK IDLE NULL Does not set any bits (TCP flag header is 0). FIN Sets just the TCP FIN bit. XMAS Sets the FIN, PSH, and URG flags, lighting the…
Category IT Security
Cybersecurity Attack Phases
According to EC-Council EC-Council identify in the CEH course 5 hacking phases: Reconnaissance Scanning Gaining Access Maintaining Access Clearing Tracks According to ISACA ISACA identify 8 phases in a cybersecurity generalized attack processs: Perform reconnaissance Create attack tools Deliver malicious…
Google Advance Search Tags
The exploit of these tags on cybersecurity (what is called ‘Google Hacking’) is documented in Exploit database in the section Google Hacking Database (GHDB). Google Advance Search Tags [cache:] [link:] [related:] [info:] [site:] [allintitle:] [intitle:] [allinurl:] [inurl:] [location:] [filetype:] …
Popular Command Line Tools for Cybersecurity
Command line tools are common in cybersecurity as they provide a light-weight, widely available, fast and straight way to use them. Below you can find a non-exhaustive list of the most common command line tools for cybersecurity. <h2>List of Popular…
How to get Certified Ethical Hacker (CEH) Certification
Certified Ethical Hacker (CEH) program is a set of certifications provided by EC-Council and related to cybersecurity. CEH is a certificate that appears in most of the professional certification paths suggested by EC-Council, so it can be considered a core…
ISACA Cybersecurity Nexus
Cybersecurity Nexus (CSX) is a training and credentialing program related to cybersecurity and develop by the professional association ISACA. It consists of a series of certificates: CSX Fundamentals (CSX-F) Certificate CSX Foundations Certificate, is awarded automatically when the candidate achieves:…
How to pass Cybersecurity Fundamentals CSX-F Certificate (2020-2022)
CSX-F, acronym for Cybersecurity Fundamentals, was a certificate issued by professional association ISACA until 2022 that demonstrated knowledge on cybersecurity. It was the entry-level exam for ISACA’s Cybersecurity Nexus (CSX) certificate series. It was a completely theoretical exam, consisting entirely…
Is it safe to download a suspicious file from the internet without executing it?
There are a few cases where simply downloading a file without opening it could lead to execution of attacker controlled code from within the file. It usually involves exploiting a known vulnerability within a program which will handle the file…
Security Information and Event Management
Security information and event management (SIEM) solutions are a combination of the formerly disparate product categories of: Security Information Management (SIM) Security Event Management (SEM) SIEM and CISM Certification SIEM is a concept that is covered in questions of CISM…
IS Disaster Recovery Objectives
This posts is to clarify the different terms related to Information System Disaster Recovery Objectives, and their differences. These terms appear on both Certified Information System Auditor (CISA) and Certified Information Security Manager (CISM) certifications, both issued by ISACA. Objective…