Skip to main content

Posts

Showing posts from April 14, 2026

WHOIS Lookup (2026): Uncovering Domain Ownership & Server Details

  Welcome to another segment of our Information Gathering series! In our previous post, we explored WhatWeb to identify a website's internal technology stack. However, to understand who is behind a website, when it was registered, or which company manages its infrastructure, we need a technique called WHOIS Lookup . WHOIS is a fundamental footprinting method used by penetration testers to gather domain-level intelligence. What is WHOIS? WHOIS (pronounced as the phrase "who is") is a query and response protocol used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name or an IP address block. Essentially, it acts as a public directory providing details about domain ownership, registration dates, expiry dates, and authoritative name servers. Why is it Important for Ethical Hackers? For a security researcher, a WHOIS lookup is vital for several reasons: Ownership Identity: Identifies the person or organization ...

WhatWeb Guide (2026): Identifying Website Technologies Like a Pro

  Welcome back to CyberShield! Amra ager post-e Nmap diye network scanning shikhechi. Kintu jokhon apnar target ekti website hoy, tokhon shudhu port scan korle hoy na; apnake jante hoy shei site-ti kon technology diye toiri. Ajke amra ekti powerful reconnaissance tool niye alochona korbo, jar nam holo WhatWeb . WhatWeb Ki? WhatWeb holo ekti open-source "Next-generation web scanner." Eti ekti website-er technology stack identify korte babohar kora hoy. Mane, ekti site kon CMS (Content Management System), kon web server, kon programming language, ebong kon kon plugin babohar korche, ta WhatWeb ekti command-er maddhome bole dite pare. WhatWeb Keno Babohar Korben? Passive Reconnaissance-er khetre WhatWeb khub-i guruttopurno. Eti diye niche-r jinish gulo khuje paoa jay: CMS Discovery: Site-ti ki WordPress, Joomla, naki Drupal? Web Server Information: Server-ti ki Apache, Nginx, naki Microsoft-IIS? Frameworks: Site-ti ki React, Vue.js, naki Laravel babohar korche? Plugins ...

Social Engineering: The Art of Human Hacking (2026 Guide)

  Welcome back to CyberShield! We have spent a lot of time discussing technical vulnerabilities like SQL Injection and Directory Traversal. However, today we are going to talk about a method that doesn't target software—it targets the Human Mind . Welcome to the world of Social Engineering . What is Social Engineering? Social Engineering is the psychological manipulation of people into performing actions or divulging confidential information. In the world of cybersecurity, it is often called "Human Hacking." No matter how strong your firewall is, if an employee gives away their password to a stranger, the system is compromised. Why Social Engineering is Dangerous Hard to Patch: You can patch software, but you cannot "patch" human emotions like curiosity, fear, or trust. Low Technical Requirement: An attacker doesn't need to be a master coder to trick someone over the phone. The Weakest Link: Humans are often considered the weakest link in any security ch...

Google Dorking Guide (2026): Using Advanced Search to Discover Hidden Information

Welcome back to CyberShield! Search engines are more powerful than most people realize. Beyond regular queries, they can reveal deeply indexed content that is not easily visible through normal browsing. In cybersecurity, this technique is known as Google Dorking . It allows researchers to uncover publicly exposed data using advanced search queries without ever directly interacting with the target's server. What is Google Dorking? Google Dorking refers to the use of advanced search operators to locate specific types of information within search engine indexes. Instead of performing simple keyword searches, users apply structured queries to filter results and uncover hidden or sensitive data that was never meant to be public. Why It Matters in Security Testing For penetration testers and bug bounty hunters, this technique is a vital part of passive reconnaissance . It helps to: Identify exposed files and directories: Finding folders that should be private. Discover forgotten or unl...

Introduction to Wireshark: Mastering Network Traffic Analysis (2026 Guide)

  Welcome back to CyberShield! We have explored web vulnerabilities and reconnaissance. Now, it's time to go deeper into the network layer. If you want to see exactly what is traveling through your Wi-Fi or Ethernet cables, you need to master Wireshark . What is Wireshark? Wireshark is the world’s most popular network protocol analyzer. It allows you to capture and interactively browse the traffic running on a computer network. Think of it as a "microscope" for your network—it lets you see every single packet that is sent or received. Why Do Pentesters Use Wireshark? For a Cybersecurity professional, Wireshark is essential for: Analyzing Protocols: Understanding how HTTP, DNS, TCP, and TLS work. Finding Vulnerabilities: Spotting unencrypted sensitive data (like passwords) sent over plain HTTP or FTP. Incident Response: Investigating how a malware or virus is communicating with its Command and Control (C2) server. Network Troubleshooting: Fixing latency or connection ...

Nmap Tutorial: Complete Guide to Network Scanning and Reconnaissance (2026)

  Introduction In penetration testing and cybersecurity, the first step is always reconnaissance. Before identifying vulnerabilities, you need to understand the target system—what services are running, which ports are open, and what technologies are in use. One of the most powerful tools for this purpose is Nmap (Network Mapper). What is Nmap? Nmap is an open-source network scanning tool used to discover hosts and services on a network. Security professionals use Nmap to: Identify active devices Detect open ports Discover running services Gather system information Why Nmap is Important Nmap plays a crucial role in the reconnaissance phase: Network Discovery It helps identify which systems are online. Port Scanning You can find open, closed, and filtered ports. Service Detection Nmap can detect the version of services running on ports. Security Assessment It helps identify potential entry points for attackers. Installing Nmap On Kali Linux: sudo apt install nmap Basic Nmap Commands ...

WafW00f Tutorial: Detecting Web Application Firewalls (WAF) in 2026.

  Introduction During reconnaissance and penetration testing, understanding a target’s defensive setup is critical. Before attempting any testing, security professionals need to know what protections are in place. One of the most common defenses used by modern web applications is a Web Application Firewall (WAF). To identify this protection layer, a specialized tool called WafW00f is widely used. What is WafW00f? WafW00f is an open-source reconnaissance tool designed to detect the presence of a Web Application Firewall. It helps security testers determine: Whether a WAF is protecting the target The specific type or vendor of the WAF This information is useful when planning testing strategies and understanding possible restrictions. What is a Web Application Firewall (WAF)? A Web Application Firewall (WAF) is a security system that monitors and filters incoming HTTP/HTTPS traffic between users and a web application. It protects against attacks such as: SQL Injection Cross-Site Scrip...

Subdomain Enumeration Guide: Finding Hidden Attack Surfaces (2026)

  Welcome back to our Cybersecurity series! We have completed our initial 20-post journey, but the learning never stops. Today, we are diving deep into the most critical part of the Reconnaissance phase: Subdomain Enumeration . What is Subdomain Enumeration? Subdomain Enumeration is the process of finding all the subdomains (e.g., dev.example.com , api.example.com , staging.example.com ) associated with a main domain ( example.com ). Professional hackers spend a lot of time here because main domains are usually highly secured, but subdomains—especially those used for development or testing—often have weak security, unpatched software, or hidden admin panels. Why Should You Care About Subdomains? Hidden Assets: Companies often forget about old subdomains that might contain sensitive data or old backup files. Increased Attack Surface: Every new subdomain is a new chance to find a bug like SQLi, XSS, or SSRF. Subdomain Takeover: Sometimes, a subdomain points to a service (like Gi...

HTTP Security Headers: The Invisible Shield for Your Website (2026 Guide)

  Welcome to the 19th part of our Cybersecurity series! We have learned about many active attacks like XSS, CSRF, and SSRF. But did you know that you can prevent many of these attacks just by adding a few lines of configuration to your server? Today, we are talking about HTTP Security Headers . What are HTTP Security Headers? When you visit a website, the server sends a response. Along with the content (HTML), it sends "Headers"—hidden instructions for the browser. Security Headers tell the browser how to behave securely, preventing hackers from exploiting common web flaws. Top 5 Security Headers Every Site Needs To get an "A+" grade in security audits, you must implement these headers: 1. Content Security Policy (CSP) This is the most powerful header. It tells the browser which sources of scripts, images, and styles are trusted. Prevents: Cross-Site Scripting (XSS). Example: Content-Security-Policy: default-src 'self'; (Only allow content from the same...