#===================================================================================================================================
AI red teaming is a specialized security practice that simulates real-world attacks against artificial intelligence (AI) systems. Its purpose is to uncover vulnerabilities and weaknesses before malicious actors can exploit them. Effective AI red teaming requires a deep understanding of AI, cybersecurity, and ethical hacking. This training focuses on attack techniques, vulnerabilities, and defense strategies, providing hands-on experience to build expertise in AI security. Here's a breakdown of best practices:
1. Define Clear Objectives and Scope:
Target Identification: Precisely define the AI systems or components under scrutiny. This could be a facial recognition system, a fraud detection model, a chatbot, or any other AI-powered application.
Threat Modeling: Develop realistic attack scenarios based on potential threats. Consider the attacker's motives, skills, |
---------------------------------------------------------------------------------------------------------------------
The error message indicates that dnsmasq failed to start because port 53 (DNS) is already in use by another process. This prevents dnsmasq from binding to the required port.
Steps to Fix the Issue
1. Identify the Process Using Port 53
Run the following command to check which process is occupying port 53:
sudo netstat -tulnp | grep :53
or |
----------------------------------------------------------------------------------------------------
#compare the MAC address in the network adapter settings to the one in the output of the ip addr command
Open a terminal on your Ubuntu 20.04 virtual machine.
Run the ip addr command to display information about the network interfaces.
ip addr
Virtual Machine Settings - Hardware - Network Adapter - Advanced - MAC Address |
#=====================================================================
diagnose sniffer packet vs diag debug flow filter
# diagnose sniffer packet checks if the packet reaches the FortiGate
# diag debug flow filter checks the packet's traffic within the FortiGate internally
diagnose debug flow #trace per-packet operations for flow tracing
diagnose sniffer packet #trace per-Ethernet frame
#=====================================================================
#WEB GUI v7.2.3 |
----------------------------------------------------------------------------------------------------
#detect rogue dhcp server
nmap -sU -p67,68 --script dhcp-discover <network_range>
sudo nmap --script broadcast-dhcp-discover
sudo nmap --script broadcast-dhcp-discover -e eth0
----------------------------------------------------------------------------------------------------
Wireshark Output for nmap IP Fragment Scan (Sample):
Filter: ip.flags.mf == 1
No. Time Source Destination Protocol Length Info |
==========================================================================================================
Email remains a critical communication tool for businesses but is also a common vector for various cyber threats. Here are some email threats and countermeasures:
Phishing: Attackers impersonate legitimate entities to deceive recipients into revealing sensitive information or performing actions. Countermeasures include employee training for recognizing phishing attempts, implementing email filters to flag suspicious emails, and using authentication methods like DMARC, SPF, and DKIM to verify sender authenticity.
Malware Attachments: Emails may contain attachments (e.g., documents, executables) carrying malware. Employing robust antivirus software, sandboxing attachments for analysis, and restricting executable attachments can mitigate this threat.
Spoofing and Business Email Compromise (BEC): Attackers spoof email addresses to impersonate trusted entities, aiming to trick recipients into transferring |
-------------------------------------------------------------------------------------------------------------------------------------
#dhcp snooping chatgpt
DHCP snooping is a feature used to mitigate rogue DHCP server attacks by filtering DHCP messages received from untrusted sources. Here's a step-by-step guide to configure, test, and verify DHCP snooping on a Cisco switch:
Configuration Steps:
1. Enable DHCP Snooping:
------------------------------------------------------------------------------------------
#ChatGPT
SQL injection is a type of security vulnerability that occurs when an attacker is able to manipulate an application's SQL query by injecting malicious SQL code. The vulnerability arises when user input is not properly validated or sanitized before being used in SQL queries. This can lead to unauthorized access, manipulation of data, and potential exposure of sensitive information stored in a database.
Here's a more detailed explanation:
Input Handling: Many web applications take user input through forms, search boxes, or other input mechanisms. This input is often used to construct SQL queries that interact with a database.
Improper Validation: If the application does not properly validate or sanitize user input, an attacker can craft input in a way that manipulates the SQL query being executed. |
------------------------------------------------------------------------------------------
grep "authentication failed" /var/log/host-*.log
find /var/log -name "host-*.log" -print0 | xargs -0 grep "authentication failed"
for file in /var/log/host-*.log; do
    grep "authentication failed" "$file"
done |
==========================================================================================================
On CentOS 7, the installation path of Apache Tomcat might vary depending on how it was installed.
Default Path: Apache Tomcat is often installed
ls /usr/share/tomcat
ls /usr/local/tomcat
Use the find command to locate the Tomcat directory if you're uncertain about the installation path