#=====================================================================
diagnose sniffer packet vs diag debug flow filter
# diagnose sniffer packet checks if the packet reaches FortiGate
# diag debug flow filter checks the packet's traffic within FortiGate internally
diagnose debug flow #trace per-packet operations for flow tracing
diagnose sniffer packet #trace per-Ethernet frame
#=====================================================================
#WEB GUI v7.2.3
----------------------------------------------------------------------------------------------------
#detect rogue dhcp server
nmap -sU -p67,68 --script dhcp-discover <network_range>
sudo nmap --script broadcast-dhcp-discover
sudo nmap --script broadcast-dhcp-discover -e eth0
----------------------------------------------------------------------------------------------------
Wireshark Output for nmap IP Fragment Scan (Sample):
Filter: ip.flags.mf == 1
No. Time Source Destination Protocol Length Info
==========================================================================================================
Email remains a critical communication tool for businesses but is also a common vector for various cyber threats. Here are some email threats and countermeasures:
Phishing: Attackers impersonate legitimate entities to deceive recipients into revealing sensitive information or performing actions. Countermeasures include employee training for recognizing phishing attempts, implementing email filters to flag suspicious emails, and using authentication methods like DMARC, SPF, and DKIM to verify sender authenticity.
Malware Attachments: Emails may contain attachments (e.g., documents, executables) carrying malware. Employing robust antivirus software, sandboxing attachments for analysis, and restricting executable attachments can mitigate this threat.
Spoofing and Business Email Compromise (BEC): Attackers spoof email addresses to impersonate trusted entities, aiming to trick recipients into transferring
-------------------------------------------------------------------------------------------------------------------------------------
#dhcp snooping chatgpt
DHCP snooping is a feature used to mitigate rogue DHCP server attacks by filtering DHCP messages received from untrusted sources. Here's a step-by-step guide to configure, test, and verify DHCP snooping on a Cisco switch:
Configuration Steps:
1. Enable DHCP Snooping:
------------------------------------------------------------------------------------------
#ChatGPT
SQL injection is a type of security vulnerability that occurs when an attacker is able to manipulate an application's SQL query by injecting malicious SQL code. The vulnerability arises when user input is not properly validated or sanitized before being used in SQL queries. This can lead to unauthorized access, manipulation of data, and potential exposure of sensitive information stored in a database.
Here's a more detailed explanation:
Input Handling: Many web applications take user input through forms, search boxes, or other input mechanisms. This input is often used to construct SQL queries that interact with a database.
Improper Validation: If the application does not properly validate or sanitize user input, an attacker can craft input in a way that manipulates the SQL query being executed.
------------------------------------------------------------------------------------------
grep "authentication failed" /var/log/host-*.log
find /var/log -name "host-*.log" -print0 | xargs -0 grep "authentication failed"
for file in /var/log/host-*.log; do
    grep "authentication failed" "$file"
done
==========================================================================================================
On CentOS 7, the installation path of Apache Tomcat might vary depending on how it was installed.
Default path: Apache Tomcat is often installed in one of the following directories:
ls /usr/share/tomcat
ls /usr/local/tomcat
Use the find command to locate the Tomcat directory if you're uncertain about the installation path
------------------------------------------------------------------------------------------
#ChatGPT
An Automatic Transfer Switch (ATS) is a device used in electrical systems to automatically switch power sources between primary and secondary power supplies in case of a power outage or voltage drop. Its primary function is to ensure uninterrupted power supply to critical equipment or loads by seamlessly transferring power between two sources.
Functionality of ATS:
Dual Power Sources: ATS devices typically connect to two separate power sources, such as the primary utility power and a backup generator or secondary power feed.
Automatic Switching: Monitors the primary power source, and in the event of a power failure or abnormal voltage, the ATS swiftly switches the load to the secondary power source without manual intervention.
#=====================================================================
Enable the web application firewall
Enable the web application firewall:
Go to System > Feature Visibility.
Under Security Features, enable Web Application Firewall.
Click Apply.
#=====================================================================
The web application firewall feature is only available when the policy inspection mode is proxy-based.
==========================================================================================================
#apache 2.4.10 on windows server 2012 data center.
#\apache\conf\extra\httpd-ssl
#The -ALL option disables all SSL/TLS protocols initially.
#The +TLSv1.2 and +TLSv1.3 options then selectively enable the TLS 1.2 and TLS 1.3 protocols.
SSLProtocol -ALL +TLSv1.2 +TLSv1.3
#this configuration directly specifies that Apache should use TLS 1.2 and TLS 1.3 for secure communications.
#It doesn't explicitly disable any other SSL or TLS versions, but it indicates the preferred versions.