Table Of Contents Introduction Types of XSS Attacks Reflected XSS Stored XSS DOM-based XSS Preventing XSS Attacks in Node.js Introduction Cross-site scripting (XSS) is a type of vulnerability that allows attackers to inject malicious code into a website. This can be used to steal user data, deface a website, or perform other malicious actions…

In this walkthrough, I demonstrate the steps I took to complete the “Breaching Active Directory” network on TryHackMe. Task 1: Intro to AD Breaches Connect to the VPN I am using my own Kali VM to complete this room, not the AttackBox provided by TryHackMe. Download the VPN connection pack and connect to the VPN as a background service. #…

Hi! I am making these walkthroughs to keep myself motivated about cyber security, and ensure that I remember the knowledge gained by THMs rooms. Join me on learning cyber security. I will try and explain concepts as I go, to differentiate myself from other walkthroughs. Room URL: https://tryhackme.com/room/burpsuiterepeater Prerequisites: https://tryhackme.com/room/burpsuitebasics Task 1 (Outline)

Hi! In this walkthrough we will cover the Burp Suite: Basics room on THM. I am making these walkthroughs to keep myself motivated to learn cyber security, and ensure that I remember the knowledge gained by THMs rooms. Join me on learning cyber security. …

This part is an overview of a multi-part series. Start here for a brief intro to DevOps or skip directly to Part 1 to start your journey. Target Audience Are you a developer looking to shift your career towards a more DevOps model? Are you are a classically trained Ops person and you would like to get a feeling of what…

DevSecOps Life Cycle After months of posting about DevSecOps on LinkedIn, I decided to start sharing more details about DevSecOps area using articles instead of posts. In this article we will discover together the world of DevSecOps. Table of Contents What is DevSecOps ? What are DevSecOps Stages ? What Skills needed for…

A bug bounty program is a deal offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities. A reward offered to a perform who identifies an error or vulnerability in a computer program or system. ‘The…

A Series of Example Labs for the Exam Azure Security Associate Exam validates your implementing Azure security controls that protect identity, access, data, applications, and networks in cloud and hybrid environments as part of an end-to-end infrastructure. This series’ first installment focuses on becoming comfortable with Azure Portal. Even better, you can create a free Azure account and…

We have a simple Node.js application that we will use in this tutorial to demonstrate how you can use your local images to build and deploy an application on minikube. Prerequisites: Node.js application — We have a sample application for you to use. Clone this repo. Docker Desktop — Get it…