Hackers GB

Hackers GB Cyber Security Analysis||SOC||API Hacking||Web Pentesting||Threat Hunting||Malware Analysis||CTF

25/02/2026

I’m happy to share that I’ve obtained a new certification: Threat Intelligence Fundamentals for SOC Analysts from SOCRadar!

17/01/2026



Some useful open-source tools

SIEM / Log Management
- Elastic Stack (ELK): Open-source log collection, search, visualization, and detection.
- Wazuh: Host-based intrusion detection, log analysis, and SIEM.
- Graylog: Centralized log management with alerting.
- Security Onion: Turnkey SOC distro combining SIEM, IDS, and network monitoring.

EDR / Endpoint Visibility
- osquery: SQL-based endpoint telemetry and threat hunting.
- Velociraptor: Endpoint detection, live response, and digital forensics.
- GRR Rapid Response: Remote incident response and evidence collection.

Network Detection & IDS
- Zeek: Deep network traffic analysis and metadata generation.
- Suricata: High-performance IDS/IPS and network threat detection.
- Snort: Signature-based intrusion detection and prevention.

Threat Intelligence
- MISP: Threat-intel sharing, correlation, and IOC management.
- OpenCTI: Centralized platform for cyber threat intelligence.
- MalwareBazaar: Open malware sample sharing platform.
- Abuse.ch Feeds: Free malicious IP, domain, and URL intelligence.

Detection Engineering
- Sigma: Vendor-agnostic detection rule format for SIEMs.
- YARA: Malware identification using pattern-matching rules.
- OpenIOC: Structured indicators of compromise definition.

Incident Response & Forensics
- TheHive: Incident response case management platform.
- Cortex: Automated enrichment and response engine.
- Timesketch: Collaborative forensic timeline analysis.
- Volatility: Advanced memory forensics framework.

08/01/2026

🔎 — Advanced Fuzzing Techniques Most Hunters Miss

0) Setup variables (optional)

DOMAIN="company.com"
ORIGIN="https://company.com" # full URL with scheme, passed to ffuf -u (or https://… or https://…)
WL="words.txt"
HY="hybrid.txt"

1) Direct subdomain fuzz (fast check)

Works when DNS resolves the hostnames.

ffuf -w "$WL" -u "https://FUZZ.$DOMAIN/" -t 200 -mc 200,301,302,401,403 -fs 0 -ac

2) VHOST / Host-header fuzz (CDN / reverse proxy routing)

When wildcard DNS isn’t visible but routing exists.

ffuf -w "$WL" -u "$ORIGIN" -H "Host: FUZZ.$DOMAIN" -t 300 -mc 200,301,302,401,403 -fs 0 -ac

Save results (JSON)

ffuf -w "$WL" -u "$ORIGIN" -H "Host: FUZZ.$DOMAIN" -t 300 -mc 200,301,302,401,403 -fs 0 -of json -o vhost_fuzz.json -ac

3) Hyphenated hosts

ffuf -w "$WL" -u "$ORIGIN" -H "Host: FUZZ-$DOMAIN" -t 250 -mc 200,301,302,401,403 -fs 0 -ac

4) Suffix & prefix environment tags

FUZZ-test.company.com

ffuf -w "$WL" -u "$ORIGIN" -H "Host: FUZZ-test.$DOMAIN" -t 250 -mc 200,301,302,401,403 -fs 0 -ac

test-FUZZ.company.com

ffuf -w "$WL" -u "$ORIGIN" -H "Host: test-FUZZ.$DOMAIN" -t 250 -mc 200,301,302,401,403 -fs 0 -ac

FUZZ.stage.company.com

ffuf -w "$WL" -u "$ORIGIN" -H "Host: FUZZ.stage.$DOMAIN" -t 250 -mc 200,301,302,401,403 -fs 0 -ac

stage-FUZZ.company.com

ffuf -w "$WL" -u "$ORIGIN" -H "Host: stage-FUZZ.$DOMAIN" -t 250 -mc 200,301,302,401,403 -fs 0 -ac

5) WWW namespace exploitation (🔥)

FUZZwww.company.com

ffuf -w "$HY" -u "$ORIGIN" -H "Host: FUZZwww.$DOMAIN" -t 350 -mc 200,301,302,401,403 -fs 0 -ac

wwwFUZZ.company.com

ffuf -w "$HY" -u "$ORIGIN" -H "Host: wwwFUZZ.$DOMAIN" -t 350 -mc 200,301,302,401,403 -fs 0 -ac

wwFUZZ.company.com

ffuf -w "$HY" -u "$ORIGIN" -H "Host: wwFUZZ.$DOMAIN" -t 350 -mc 200,301,302,401,403 -fs 0 -ac

FUZZww.company.com

ffuf -w "$HY" -u "$ORIGIN" -H "Host: FUZZww.$DOMAIN" -t 350 -mc 200,301,302,401,403 -fs 0 -ac

6) Numeric drift (use a numbers list)

Create a quick numbers list:

seq -w 0 500 > nums.txt

025www.company.com style

ffuf -w nums.txt -u "$ORIGIN" -H "Host: FUZZwww.$DOMAIN" -t 350 -mc 200,301,302,401,403 -fs 0 -ac

www02.company.com style

ffuf -w nums.txt -u "$ORIGIN" -H "Host: wwwFUZZ.$DOMAIN" -t 350 -mc 200,301,302,401,403 -fs 0 -ac

www-03.company.com style

ffuf -w nums.txt -u "$ORIGIN" -H "Host: www-FUZZ.$DOMAIN" -t 300 -mc 200,301,302,401,403 -fs 0 -ac

03-www.company.com style

ffuf -w nums.txt -u "$ORIGIN" -H "Host: FUZZ-www.$DOMAIN" -t 300 -mc 200,301,302,401,403 -fs 0 -ac

7) Separator drift (dot / hyphen / underscore / none)

Underscores in DNS labels are uncommon but show up in some internal/service records; test where allowed.

ffuf -w "$WL" -u "$ORIGIN" -H "Host: www-FUZZ.$DOMAIN" -t 250 -mc 200,301,302,401,403 -fs 0 -ac

ffuf -w "$WL" -u "$ORIGIN" -H "Host: www_FUZZ.$DOMAIN" -t 250 -mc 200,301,302,401,403 -fs 0 -ac

ffuf -w "$WL" -u "$ORIGIN" -H "Host: wwwFUZZ.$DOMAIN" -t 250 -mc 200,301,302,401,403 -fs 0 -ac

8) Token fusion (role bleeding)

Use a curated list roles.txt like: api auth cdn static sso id app admin internal edge

ffuf -w roles.txt -u "$ORIGIN" -H "Host: wwwFUZZ.$DOMAIN" -t 250 -mc 200,301,302,401,403 -fs 0 -ac

ffuf -w roles.txt -u "$ORIGIN" -H "Host: FUZZwww.$DOMAIN" -t 250 -mc 200,301,302,401,403 -fs 0 -ac

9) Third-party / vendor overlay

vendors.txt: jira confluence grafana kibana sentry datadog okta zendesk status

ffuf -w vendors.txt -u "$ORIGIN" -H "Host: FUZZ.$DOMAIN" -t 200 -mc 200,301,302,401,403 -fs 0 -ac

ffuf -w vendors.txt -u "$ORIGIN" -H "Host: wwwFUZZ.$DOMAIN" -t 250 -mc 200,301,302,401,403 -fs 0 -ac

10) Endpoint fuzzing (same mindset, different surface)

ffuf -w endpoints.txt -u "$ORIGIN/FUZZ" -t 200 -mc 200,204,301,302,401,403 -fc 404 -fs 0 -ac

With extensions

ffuf -w endpoints.txt -u "$ORIGIN/FUZZ" -e .php,.asp,.aspx,.jsp,.json,.txt,.bak,.zip -t 200 -mc 200,301,302,401,403 -fc 404 -fs 0 -ac
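
A defender-side view of the Host-header fuzzing above, as an added example that is not part of the original post: it flags clients that send many distinct unconfigured Host values within a short window. The nginx log format, the vhost allowlist, the thresholds and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed nginx log_format (an assumption, not from the post):
#   '$remote_addr [$time_iso8601] "$http_host" "$request" $status $body_bytes_sent'
LINE_RE = re.compile(r'^(?P<ip>\S+) \[(?P<ts>[^\]]+)\] "(?P<host>[^"]*)" '
                     r'"[^"]*" (?P<status>\d{3}) \d+$')
KNOWN_VHOSTS = {"company.com", "www.company.com"}  # hypothetical configured vhosts

def detect_host_fuzzing(lines, window=timedelta(seconds=60), threshold=5):
    """Map client IP -> sorted unconfigured Host values, for clients that sent
    at least `threshold` distinct unconfigured hosts within `window`."""
    recent = defaultdict(deque)  # ip -> (timestamp, host) pairs inside the window
    flagged = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not in the assumed format
        host = m["host"].lower().split(":")[0]  # drop any :port suffix
        if host in KNOWN_VHOSTS:
            continue
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["ip"]]
        q.append((ts, host))
        while ts - q[0][0] > window:  # expire entries older than the window
            q.popleft()
        distinct = {h for _, h in q}
        if len(distinct) >= threshold:
            flagged[m["ip"]] |= distinct
    return {ip: sorted(hosts) for ip, hosts in flagged.items()}

def _line(ip, ts, host, status=403):
    return f'{ip} [2026-01-08T10:{ts}+00:00] "{host}" "GET / HTTP/1.1" {status} 162'

# Constructed sample: one burst of patterned hosts, one normal client, one slow client.
SAMPLE_LOG = (
    [_line("203.0.113.7", f"00:0{i}", h) for i, h in enumerate(
        ["dev.company.com", "wwwapi.company.com", "www-01.company.com",
         "stage-admin.company.com", "www_cdn.company.com", "01www.company.com"])]
    + [_line("198.51.100.20", f"00:1{i}", "www.company.com", 200) for i in range(6)]
    + [_line("192.0.2.9", f"{10 + 5 * i}:00", f"h{i}.company.com") for i in range(5)]
)

if __name__ == "__main__":
    for ip, hosts in detect_host_fuzzing(SAMPLE_LOG).items():
        print(ip, "->", len(hosts), "unconfigured Host values:", ", ".join(hosts))
```

The slow client stays under the threshold because its requests fall in separate windows, so the window and threshold need tuning against real traffic before alerting on them.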

01/11/2025

API - Application Programming Interface

1. Types of APIs
• REST for simplicity.
• GraphQL when clients need flexible queries.
• WebSocket for real-time.
• gRPC for microservice speed.

Pick REST first. Master one before touching others.

2. API Methods
• POST creates it.
• GET reads data.
• DELETE removes it.
• PATCH updates parts.
• PUT updates everything.

Five methods run 90% of the internet.

3. Authentication
• API Keys for simple projects.
• OAuth 2.0 for third-party login.
• JWT tokens for stateless auth.
• Bearer tokens for secure APIs.

No auth means no production deployment.

4. API Security
• SSL/TLS encrypts data.
• Rate limiting stops abuse.
• Input validation blocks injections.
• CSRF protection prevents forgery.
• Security headers harden responses.

One breach costs more than implementing all five.

5. API Testing
• Load testing proves scale.
• Unit tests catch logic bugs.
• Security testing finds holes.
• Postman makes this dead simple.
• Integration tests verify connections.

6. API Documentation
• AsyncAPI for event-driven APIs.
• Undocumented APIs die unused.
• RAML for design-first approaches.
• Postman Collections for team sharing.
• OpenAPI (Swagger) for interactive docs.

7. Design Principles
• Caching speeds everything up.
• Stateless requests scale infinitely.
• Resource-based URLs stay clean.
• Pagination handles large datasets.
• Versioning prevents breaking changes.

Follow Coding Tips for more.

12/07/2025

SOC Analyst Roadmap 🔵🎯

├── Core Skills
│   ├── Networking
│   │   ├── TCP/IP, DNS, DHCP
│   │   ├── Subnetting & Network Design
│   ├── Operating Systems
│   │   ├── Windows: AD, Logs, Group Policy
│   │   ├── Linux: Permissions, Syslog, Scripting
│   └── Cybersecurity Basics
│       ├── CIA Triad, Risk Assessment
│       ├── Threat Frameworks (MITRE ATT&CK)

├── Threat Intelligence
│   ├── OSINT: Maltego, Shodan, Censys
│   ├── Threat Hunting: TTPs, Alert Triage
│   └── IOCs: IPs, Hashes, Domains

├── SOC Operations
│   ├── SIEM: Splunk, ELK, QRadar; Log Analysis
│   ├── Incident Response: Alert Handling, Basic Forensics
│   ├── EDR: CrowdStrike, SentinelOne; Endpoint Monitoring
│   └── NSM: Zeek, Wireshark; Traffic Analysis

├── Vulnerability Monitoring
│   ├── Scanning: Nessus, Qualys; Result Analysis
│   ├── Patching: Track & Verify Updates
│   └── Configurations: Monitor Secure Baselines

├── Identity & Access
│   ├── Authentication: MFA, SSO Logs
│   ├── Authorization: RBAC/ABAC Monitoring
│   └── Anomalies: User Behavior, Brute-Force Detection

├── Infrastructure Monitoring
│   ├── Segmentation: VLAN, Firewall Logs
│   ├── Zero Trust: Identity & Policy Checks
│   └── Encryption: TLS/SSL, VPN Monitoring

├── Awareness Support
│   ├── Phishing Simulations & Training Metrics
│   └── Incident Feedback for User Education

├── Compliance & Policy
│   ├── Regulations: GDPR, HIPAA, PCI-DSS
│   └── Policy: Monitor Security & IR Adherence

├── Advanced SOC Skills
│   ├── Deception: Honeypots, Alert Analysis
│   └── Simulation: Purple Teaming, ATT&CK Mapping
time based sql
26/01/2025

26/01/2025

☄️Information Disclosure Dork☄️

site:*.example.com (ext:doc OR ext:docx OR ext:odt OR ext:pdf OR ext:rtf OR ext:ppt OR ext:pptx OR ext:csv OR ext:xls OR ext:xlsx OR ext:txt OR ext:xml OR ext:json OR ext:zip OR ext:rar OR ext:md OR ext:log OR ext:bak OR ext:conf OR ext:sql)
