Posts

Showing posts from September, 2020

AWS Certified Cloud Practitioner cheat sheet (knowledge summary)

IaaS, PaaS, SaaS:
IaaS provides networking, compute and data storage, and gives you the most flexibility.
PaaS removes the need to manage the underlying infrastructure, so you can focus on developing and managing your application.
SaaS is a complete product that is run and managed by the service provider.
Difference between IaaS, PaaS and SaaS? Think of making pizza: IaaS provides the oven, the kitchen and the gas. PaaS provides the oven, the kitchen, the gas and the pizza dough; all you do is put the toppings on. SaaS provides the oven, the kitchen, the gas, the dough and the toppings, and cooks the pizza for you; you only need to sell it.
Services that are free of charge themselves: Amazon VPC, Elastic Beanstalk (but not the resources it creates), CloudFormation (but not the resources it creates), Identity and Access Management (IAM), Auto Scaling (but not the resources it creates), OpsWorks, Consolidated Billing.
Fundamentally you are charged for three things: compute, storage and data transfer out.
The 6 advantages of cloud are: Trade capital expense for variable expense. Benefit from massive economies of ...

Fuzz and Antifuzz

Why fuzz? It is hard to enumerate all possible inputs as test cases. When we write test cases we usually cover a handful of common scenarios (positive tests, negative tests, boundary values, very long and very short inputs), but we cannot iterate through every input the program could receive. Fuzzing is also a good way for an attacker to find 0-day vulnerabilities.
Categories of fuzzers:
Blind fuzzers are the oldest class. They have to overcome the problem that purely random inputs will not exercise any interesting code in the target. This class includes mutational fuzzing and generational fuzzing. A blind fuzzer can only observe whether the program crashed or not, so it finds simple, shallow bugs; against large or complex targets it is of little use. Mutational fuzzers require a good corpus of inputs to mutate and need to perform a very large number of executions per second to be effective. Generational fuzzers need a manually written grammar or format definition for the input.
Coverage-guided fuzzers use a feedback mec...
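The difference between a blind mutational fuzzer and a coverage-guided one is easiest to see by running both against the same target. The script below is an added example written for this page, not code from the original post: it mutates inputs from a seed corpus, runs a constructed toy parser (target_parse, with a deliberate off-by-one read hidden behind three conditions) under sys.settrace to record which lines executed, and in guided mode keeps every input that reaches new lines as a fresh seed. The target, the seed input and the mutation operators are all constructed for the demonstration.

```python
"""Added example: a minimal mutational fuzzer, blind and coverage-guided,
against a constructed toy parser.  Not code from the original post."""
import random
import sys

# Constructed target with a deliberate bug several conditions deep: magic header,
# length byte n, n payload bytes, then a flags byte.  The off-by-one read at the
# end is reached only when flags has bit 7 set and the payload starts 0x00 0xFF.
def target_parse(data: bytes):
    if data[:4] != b"FUZZ":
        return "bad-magic"
    if len(data) < 6:
        return "short"
    n = data[4]
    payload = data[5:5 + n]
    if len(payload) != n:
        return "truncated"
    flags = data[5 + n] if len(data) > 5 + n else 0
    if flags & 0x80:
        if n >= 2 and payload[0] == 0x00:
            if payload[1] == 0xFF:
                return payload[n]          # bug: index n is one past the end -> IndexError
            return "stage3-miss"
        return "stage2-miss"
    return "ok"


def run_with_coverage(func, data):
    """Run func(data) under sys.settrace; return (lines executed, crashed?)."""
    lines = set()

    def tracer(frame, event, arg):
        if frame.f_code is not func.__code__:
            return None                    # trace only the target function itself
        if event == "line":
            lines.add(frame.f_lineno)
        return tracer

    sys.settrace(tracer)
    try:
        func(data)
        crashed = False
    except Exception:                      # any uncaught exception counts as a crash
        crashed = True
    finally:
        sys.settrace(None)
    return frozenset(lines), crashed


INTERESTING = [0x00, 0x01, 0x7F, 0x80, 0xFF]   # values that often flip parser branches


def mutate(data: bytes, rng: random.Random) -> bytes:
    """Apply one or two random byte-level mutations."""
    buf = bytearray(data)
    for _ in range(rng.randint(1, 2)):
        op = rng.randrange(4)
        if op == 0 and buf:                                   # flip one bit
            buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
        elif op == 1 and buf:                                 # overwrite with an interesting value
            buf[rng.randrange(len(buf))] = rng.choice(INTERESTING)
        elif op == 2:                                         # insert a random byte
            buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
        elif op == 3 and len(buf) > 1:                        # delete a byte
            del buf[rng.randrange(len(buf))]
    return bytes(buf)


def fuzz(func, seeds, iterations, guided, seed=1):
    """Return (crashing input or None, final corpus size).

    guided=False is a blind mutational fuzzer: the corpus never grows and only
    crash/no-crash is observed.  guided=True keeps any input that reaches new
    lines, so deep conditions are cracked one layer at a time."""
    rng = random.Random(seed)
    corpus = list(seeds)
    seen = set()
    for s in corpus:
        cov, _ = run_with_coverage(func, s)
        seen |= cov
    for _ in range(iterations):
        candidate = mutate(rng.choice(corpus), rng)
        cov, crashed = run_with_coverage(func, candidate)
        if crashed:
            return candidate, len(corpus)
        if guided and not cov <= seen:      # new lines reached: promote to seed
            seen |= cov
            corpus.append(candidate)
    return None, len(corpus)


SEED = b"FUZZ\x02AB\x00"   # constructed valid input: magic, n=2, payload "AB", flags 0

if __name__ == "__main__":
    blind, _ = fuzz(target_parse, [SEED], 10000, guided=False)
    found, size = fuzz(target_parse, [SEED], 40000, guided=True)
    print("blind fuzzer crash:", blind)
    print("coverage-guided crash:", found, "corpus size:", size)
```

With at most two mutations per iteration the blind run can never produce the three specific byte changes the bug needs in a single step, so it reports no crash however long it runs; the guided run reaches the bug because each intermediate input (flags set, then a zero first payload byte) is kept as a new seed. Line-level tracing is the simplest feedback signal; real fuzzers use edge coverage from compile-time instrumentation and handle magic-value comparisons with dedicated tricks.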

Preparation to do penetration test

Collect as much information as possible about the target website, for example its open ports and its real IP address.
whois: shows details of the domain, such as the owner and registration information. www.tianyancha.com: look up the registrant company and related information. www.beianbeian.com: look up the domain's filing (ICP 备案) record.
Google dorks (Google hacking): for example site:syr.edu or inurl:?id=123.
Subdomains: subDomainsBrute; https://phpinfo.me/domain to find subdomains; site:google.com to find subdomains through search; https://dnsdumpster.com/ to map the domain's network.
CDN detection: sometimes pinging the host only returns the IP of a CDN edge server (a CDN caches static pages to improve the user experience). So ping the target from different regions through www.17ce.com: if every location gets the same IP, we can conclude there is no CDN; if the IPs differ, a CDN is probably in front of the origin. https://asm.ca.com/en/ping.php can be used to find the real IP from the US.
Find open ports: Nmap, Masscan, Zmap.
Samba: the open-source implementation of the SMB (Server Message Block) network file-sharing protocol.
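The multi-location ping check above can be turned into a small decision procedure, shown here as an added example that is not part of the original post. The script takes the IP each vantage point saw for a host (constructed sample data in the style of a 17ce.com report, not real measurements), applies the rule from the post (same IP everywhere means no CDN), and adds the checks a practitioner wants next: whether any answer falls in a known CDN range (the 104.16.0.0/13 prefix is an assumption for this example; use the vendor-published lists), whether differing IPs are really just one /24 behind a load balancer, and which non-CDN answers are worth probing as a leaked origin.

```python
"""Added example: judging whether a CDN fronts a host from multi-location
resolution results, and picking origin-IP candidates.  Not code from the post."""
import ipaddress

# Constructed sample data, not real measurements: the IP each vantage point saw
# for the host, in the style of a multi-location ping service such as 17ce.com.
OBSERVATIONS = {
    "mail.example.com": {"Beijing": ["203.0.113.10"], "Frankfurt": ["203.0.113.10"], "Virginia": ["203.0.113.10"]},
    "shop.example.com": {"Beijing": ["104.16.12.9"],  "Frankfurt": ["104.16.13.9"],  "Virginia": ["104.16.12.9"]},
    "api.example.com":  {"Beijing": ["198.51.100.7"], "Frankfurt": ["198.51.100.8"], "Virginia": ["198.51.100.7"]},
    "old.example.com":  {"Beijing": ["104.16.12.9"],  "Frankfurt": ["104.16.12.9"],  "Virginia": ["203.0.113.10"]},
}

# Assumed CDN prefix for the demonstration; in practice load the vendor-published ranges.
CDN_NETS = [ipaddress.ip_network("104.16.0.0/13")]


def in_cdn(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in CDN_NETS)


def classify(per_vantage: dict) -> tuple:
    """Return (verdict, all observed IPs, origin candidates)."""
    ips = sorted({ip for seen in per_vantage.values() for ip in seen}, key=ipaddress.ip_address)
    non_cdn = [ip for ip in ips if not in_cdn(ip)]
    if len(non_cdn) < len(ips):
        # Known CDN addresses seen.  Any non-CDN answer (for example a stale record
        # one resolver still serves) is a likely origin leak worth probing directly.
        return "cdn", ips, non_cdn
    if len(ips) == 1:
        # The post's rule: the same IP from every location, so no CDN in front.
        return "no-cdn", ips, ips
    nets = {ipaddress.ip_network(f"{ip}/24", strict=False) for ip in ips}
    if len(nets) == 1:
        # Different IPs inside one /24 looks more like round-robin DNS or a load
        # balancer on the origin network than a CDN; keep all of them as candidates.
        return "inconclusive", ips, ips
    # Different IPs in unrelated networks and none in a known CDN range: most
    # likely an unknown CDN or anycast, so none of them can be trusted as the origin.
    return "cdn-or-anycast", ips, []


def report(observations: dict) -> dict:
    return {host: classify(per_vantage) for host, per_vantage in observations.items()}


if __name__ == "__main__":
    for host, (verdict, ips, origins) in report(OBSERVATIONS).items():
        print(f"{host:18} {verdict:15} seen={ips} origin_candidates={origins}")
```

In the sample, old.example.com is the interesting case: two locations get a CDN address but one still returns 203.0.113.10, which is exactly the kind of leaked origin the post is trying to find; confirm it by requesting the site directly from that IP with the right Host header before relying on it.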