Getting Started with Kali Linux: Opening the Door to the World of Cybersecurity

Getting Started with Kali Linux: Opening the Door to the World of Cybersecurity

The importance of cybersecurity lies in its direct relation to personal privacy, corporate assets, and even the security of national critical infrastructure. As the degree of digitalization continues to increase, the methods of cyber attacks have become more diverse, covert, and destructive. Any weak link can lead to data breaches, system paralysis, or economic losses. … Read more

Kali Linux Full-Stack Penetration Practice: A Closed-Loop Attack and Defense System from Vulnerability Discovery to Zero Trust Defense

Kali Linux Full-Stack Penetration Practice: A Closed-Loop Attack and Defense System from Vulnerability Discovery to Zero Trust Defense

1. System Intrusion Investigation Technical System In the Kali Linux ecosystem, system intrusion investigation requires the establishment of a multi-layered detection framework covering the network layer, host layer, and application layer. Taking a penetration testing case from a financial institution’s internal network as an example, after the attacker gains initial access through an SMB protocol … Read more

Kali Linux 2025.3 Released: More Powerful Than You Imagine

Kali Linux 2025.3 Released: More Powerful Than You Imagine

Offensive Security has officially announced the release of Kali Linux 2025.3, which is the third update of this Debian-based penetration testing and ethical hacking distribution in 2025. Following the release of Kali Linux 2025.2 over three months ago, the latest Kali Linux 2025.3 brings several significant improvements. The most notable update is the Nexmon support … Read more

Kali Linux: The Hacker’s Ultimate System! Detailed Installation Guide Included

Kali Linux: The Hacker's Ultimate System! Detailed Installation Guide Included

Excerpt from the movie The MatrixThe tool featured in the movie is called: Nmap, which is the world’s most famous network scanning tool.What is Kali Linux? Kali Linux is a Linux operating system designed specifically for network security professionals. It is a super toolbox pre-installed with over 600 specialized tools.Want to learn hacking skills and … Read more

Kali Linux Practical Guide: Database Vulnerability Mining and AI-Powered Defense System Construction

Kali Linux Practical Guide: Database Vulnerability Mining and AI-Powered Defense System Construction

1. Database Security Infrastructure and Threat Landscape As the storage medium for core data assets of enterprises, the security protection of databases is directly related to business continuity. The two major database systems represented by MySQL and Oracle occupy 78% of the global market share, but there are significant differences in their security architectures: MySQL … Read more

Linux Basic Practice Multiple Choice Questions – 01

Linux Basic Practice Multiple Choice Questions - 01

1. Question: Which Linux distribution is commercially supported by Canonical? Option 1: Ubuntu Option 2: Fedora Option 3: CentOS Option 4: Debian Correct Answer: 1 Explanation: Ubuntu is a Linux distribution that is commercially supported by Canonical. Canonical provides support and services for Ubuntu, making it a popular choice in both desktop and server environments. … Read more

EMBA: Transforming Embedded Firmware Security Analysis into a ‘Plug-and-Play’ Tool!

EMBA: Transforming Embedded Firmware Security Analysis into a 'Plug-and-Play' Tool!

Summary: EMBA is a powerful security analysis tool designed specifically for embedded device firmware, helping you quickly identify hidden risks within the firmware. From extraction, static/dynamic analysis to generating SBOM reports, it provides a one-stop solution. What is EMBA? EMBA (Embedded Firmware Security Analyzer) is essentially a command-line tool whose core function is to open … Read more

Interactive HTTP Packet Capture Tool: Aiding Penetration Testing and Development | Open Source Daily No.721

Interactive HTTP Packet Capture Tool: Aiding Penetration Testing and Development | Open Source Daily No.721

mitmproxy/mitmproxyhttps://github.com/mitmproxy/mitmproxy Stars: <span>38.2k</span> License: <span>MIT</span> mitmproxy is an interactive, SSL/TLS-capable HTTP proxy designed for penetration testers and software developers. Supports HTTP/1, HTTP/2, and WebSockets protocols Provides a command-line version mitmdump, similar to tcpdump for HTTP traffic analysis Features a web-based interface mitmweb for user-friendly operation and monitoring Offers extensive documentation and tutorials to help users … Read more

Covert Penetration Testing Methods Based on Raspberry Pi

Covert Penetration Testing Methods Based on Raspberry Pi

Abstract: With the annual increase of APT attacks, conventional penetration testing methods can no longer meet the diversified demands for network security detection in the current environment. Therefore, this article studies covert penetration methods, proposing an embedded PT penetration method using Raspberry Pi as a spy device, focusing on often-overlooked physical security vulnerabilities. This method … Read more

Bypassing WAF at the HTTP Protocol Level

Bypassing WAF at the HTTP Protocol Level

PS: This article is for technical analysis only and is prohibited for other illegal uses. First, let me introduce myself. I’m a novice who started learning Web penetration testing in 2017. The reason? Of course, my own website was hacked… Getting to the point, as security awareness increases, enterprises are paying more attention to the … Read more