Cybersecurity Tools 1️⃣ Digital Forensics Tools Tool Name Type Used For Who Uses Autopsy Computer forensics Analyze hard disk, recover deleted files Investigators FTK Imager Disk imaging Create forensic image of system Forensic labs EnCase Advanced forensics Evidence analysis & reporting Expert investigators Cellebrite Mobile forensics Extract WhatsApp, calls, SMS…
Command Injection Attack A Command Injection attack happens when a web application takes user input and passes it to the system shell (Linux/Windows command line) without proper validation.An attacker can then append their own commands and make the server execute them. ⚠️ Only practice this inside DVWA or your own…
CSRF in DVWA (for learning/demo) CSRF: An attack where a logged-in user is tricked into sending unwanted requests to a web application, causing actions to be performed without their consent. DVWA (Damn Vulnerable Web Application) is meant for cybersecurity training.So demonstrating CSRF there is safe and expected in a lab….
XSS = Cross-Site Scripting using DVWA It allows an attacker to inject JavaScript into a web page so that it runs in another user’s browser. DVWA has two XSS labs: We’ll do both step-by-step so you can demonstrate in class. 1. Setup DVWA Open: Login → go to DVWA SecuritySet:…
SQL Injection using DVWA SQL injection happens when user input is directly inserted into SQL query without validation. Here are the steps to practical on DVWA utility. Now go to: What this page does You’ll see: It runs a query like: Since input is not sanitized → injectable. Normal query…