Blog | tech your ideas

Blog

Tuning Up the Interface for Sniffing

Sridar Sri IT Security, Networking, Unix/Linux

https://cromwell-intl.com/open-source/performance-tuning/ethernet.html




Application Security – Missed Plots Redefined – BSIMM

Sridar Sri IT Security, Networking, Software Engineering

How often do we develop poorly but try to secure the application at the perimeter level? Is this even possible? Regardless of the methodology applied for the SDLC, there are certain things the team must focus on to enforce cyber security. Whether you are on Agile, Waterfall or CI/CD, these “things” must not e […]




Network Technologies and Tools

Sridar Sri IT Security, Networking, Security+

Install and configure network components, both hardware and software-based, to support organizational security: Firewall / UTM, NIDS / NIPS, VPN Concentrator. Firewalls: Isolate one network from another. A network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules […]




Network Components

Sridar Sri IT Security, Networking, Security+

Install and configure network components, both hardware and software-based, to support organizational security: Router, Switch, Bridge, Proxy, Load Balancer, Firewall, NIDS / NIPS, VPN Concentrator, Wireless Access Points, SIEM, DLP, NAC, SSL / TLS accelerators, Mail / Media Gateway, Hardware Security Modules. Router: Connects computer networks. Operates at Layer 3 (Network Layer). Stores information about network […]




What is a Network?

Sridar Sri IT Security, Networking, Security+, Uncategorized

A network is a way to get “stuff” between 2 or more “things”. Goal: Basic understanding of common modern networking technology and terminology. Examples: Analog: ‘Snail’ mail, phone system, conversations, railroad system, highways and roads. Digital: Routers & switches, clients & servers. Applications: Email/Messaging, Database, Web. Protocol Concepts: Protocols are sets of rules. What do […]




Cyber Technologies and Tools

Sridar Sri IT Security, Security+

A cyber security professional must possess the following skills to master the field. Each skill can be acquired over time with proper working experience and training. Firm motive, integrity in attitude, trustworthy actions, patience and continual learning streamline the cyber career. Install and configure network components, both hardware and software-based, to support […]




Vulnerability Scanning Concept

Sridar Sri IT Security, Security+

Process: Passively test security controls – does not exploit a vulnerability. Identify vulnerability / system flaw / un-patched code. Identify lack of security controls. Identify common misconfigurations by reviewing policies, rule sets and system settings. Types: Intrusive vs. non-intrusive: see passive vs. active reconnaissance. Intrusive: Directly engaging with the target system to identify weaknesses that […]




Penetration Testing Concepts

Sridar Sri IT Security, Security+

Will discuss: Penetration Testing vs Vulnerability Scanning vs Risk Assessment, Active reconnaissance, Passive reconnaissance, Pivot, Initial exploitation, Persistence, Escalation of privilege, Black box, White box, Gray box. Penetration Testing: A penetration test, or a pen test, is an authorized, simulated attack on a computer system, performed to evaluate the security of the system by actively […]




Types of Threat Actors

Sridar Sri IT Security, Security+, Uncategorized

Explain threat actor types and attributes. Types of actors: Script kiddies, Hacktivist, Organized crime, Nation states/APT, Insiders, Competitors. Attributes of actors: Internal/external, Level of sophistication, Resources/funding, Intent/motivation. We will also see the use of Open-Source Intelligence. Threat/Threat Actor: A potential occurrence that can result in an undesirable outcome. A person or thing likely to cause […]




Network and Wireless Attacks

Sridar Sri IT Security, Security+

Click-jacking: tricking a web user into clicking a spoofed button or graphic. Session hijacking (Cookie hijacking): exploiting a valid computer session, or session key, to gain unauthorized access to information or services. URL hijacking / Typo squatting: the act of registering domains that are similar to those for a known entity but based on a […]




Threats, Attacks and Vulnerabilities

Sridar Sri IT Security, Security+

Application Attacks: Buffer overflow, Injection, Cross-site scripting (XSS), Cross-site request forgery (CSRF or XSRF), Privilege escalation. Search “OWASP top ten” for risks related to applications. Buffer Overflow Attacks: When more data are written to a buffer than it can hold. An anomaly where a program, while writing data to a buffer, overruns the buffer’s boundary […]




Social Engineering

Sridar Sri IT Security, Security+, Uncategorized

Definition: The process by which intruders gain access to facilities, network, systems, data and even employees by exploiting the generally trusting nature of people. The use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes. Reference: Chris Hadnagy, The Art of Human Hacking (Wiley, 2010) Social […]




Types of Cyber Attacks

Sridar Sri IT Security, Security+

Compare and contrast types of attacks. Social Engineering: Phishing, Spear Phishing, Whaling, Vishing, Tailgating, Impersonation, Dumpster Diving, Shoulder Surfing. Application/Service Attacks: Buffer Overflow, Injection, Cross-Site Scripting, Cross-Site Forgery, Privilege Escalation, Impersonation/Masquerading, Replay, Driver Manipulation (Shimming, Refactoring). Cryptographic Attacks: Birthday, Known plain text/cipher text, Rainbow Tables, Dictionary, Brute Force, Pass the hash. Hijacking and […]




IOC and Malware

Sridar Sri IT Security, Security+

Types of Malware: Viruses, Crypto Malware, Ransomware, Worm, Trojan, Rootkit, Keylogger, Adware, Spyware, Bots, RAT, Logic bomb, Backdoor. Malware Attacks: Delivery – how it gets to the target. Propagation – how malware spreads. Payload – what malware does once it’s there. Indicators of Compromise (IoC) – An artifact observed on a network or in an OS […]




104.7 Find System Files and Place files in correct location

Sridar Sri Unix/Linux

Understand correct locations of files under the FHS. Find files and commands on a Linux system. Know the location and purpose of important files and directories as defined in the FHS. Commands: find, locate, updatedb, whereis, which, type. Understand Correct Locations of Files under FHS: The File System Hierarchy Standard (FHS) specifies guidelines […]




104.6 Create and Change hard-symbolic links

Sridar Sri Unix/Linux

Create links. Identify hard and soft links. Copying versus linking files. Use links to support system administration tasks. Commands: ln, ls. The link (ln) command creates a link to a file, which points to a file in a different directory. Hard Links: File data can have more than one name in different locations in the same […]




104.5 Manage file permissions and ownership

Sridar Sri Unix/Linux

Manage access permissions on regular and special files as well as directories. Use access modes such as SUID, SGID and the sticky bit to maintain security. Know how to change the file creation mask. Use the group field to grant access to group members. Commands: chmod, umask, chown, chgrp. Permissions can be set at […]




104.4 Manage Disk Quotas

Sridar Sri Unix/Linux

Commands: quota, edquota, repquota, quotaon. Set up disk quotas for the filesystem. Disk quotas enable setting storage limits for an individual user. Quota limits can be added to the /etc/fstab file. A ‘soft limit’ can be exceeded for the duration of the grace period. The soft limit is enforced as a ‘hard limit’ once the […]




104.3 Control mounting and un-mounting of Filesystem

Sridar Sri Unix/Linux

Manually mount and un-mount filesystems. The mount and umount commands attach and detach filesystems to a mountpoint directory. Mount checks for filesystem entries. Filesystems can be mounted using a label. Configure filesystem mounting on bootup. The /etc/fstab file contains information about filesystems used by the mount command. Filesystem maintenance also includes updating the ‘fstab’ file […]




104.2 Maintain integrity of Filesystem

Sridar Sri Unix/Linux

Verify the integrity of the filesystems. Verify free space and inodes. Repair simple filesystem problems. Commands: du, df, fsck, e2fsck, mke2fs, debugfs, dumpe2fs, tune2fs, xfs_metadump, xfs_info. Filesystems may become corrupted due to misuse, power loss, or other issues. The ‘fsck’ utility is primarily used to check and repair filesystem integrity. Separate fsck commands […]




Linux + Devices, Filesystems, Filesystems Hierarchy Standard

Sridar Sri Unix/Linux

LX-103 – 104. 104.1 Create Partitions and Filesystems: Manage MBR partitions table. Use various mkfs commands to create various filesystems such as ext2 / ext3 / ext4, XFS, VFAT. Awareness of ReiserFS and Btrfs. Basic knowledge of ‘gdisk’ and ‘parted’ with GPT. Commands: fdisk, gdisk, parted, mkfs, mkswap. Manage MBR Partitions Table: Storage devices […]






Linux+ GNU and Linux Commands

Sridar Sri Unix/Linux

Work On the Command Line. Text searching: * – match 0 or any in filenames; ? – match single character in file name; [abcde] – match any listed characters; [a-g] – match range of characters; [!abcde] – match any characters not listed; [!a-e] – match any characters not in range; {cat,dog,car} – match any word in list […]




Pen-testing Commands Part 1

Sridar Sri IT Security, Offensive Security

Hash Cracking – John: Unzip /usr/share/wordlists/rockyou.txt.gz, john. Foot-printing Websites or Webserver – Nikto: nikto -e 1 -h mysite.com. -e the evasion switch, 1 random number for encoding, -h to define IP or hostname. The Harvester: theharvester -d example.com -i 50 -b google -h myresults.html. -d is the domain or company name to search. -i limit results. […]






Google Reconnaissance or Foot-printing

Sridar Sri Offensive Security, Pentesting

filetype:type – searches only for files of a specific type. Example: filetype:pdf. intitle:string – searches for pages that contain string in the title. Example: intitle:login. inurl:url – displays pages with url in their URL. site:domain – can be combined with other searches. Example: site:microsoft.com passwd would return all pages with the text ‘passwd’ in microsoft.com.






FootPrinting / Reconnaissance

Sridar Sri Pentesting

Collecting information prior to exploiting a vulnerability. This would be the first step of an attack. Benefits of FootPrinting: Know the security posture of the target. Reduce the focus area or attack surface. Identify holes and vulnerabilities precisely. Network map. Active FootPrinting: Active FootPrinting is direct engagement with the target. Involves the use of tools and techniques […]




URL Request but no Response Data in PHP

Sridar Sri Developing

This happened to me when I had to add Google reCAPTCHA to a PHP contact form. Information from the contact form is sent via email.





Maria in Matale

Hill Side Ride in SriLanka – with Maria From Spain

Sridar Sri Riding Diaries

Hill Side Ride in Sri Lanka is an adventurous and energizing experience that soothes the mind. At more than 400 m above sea level, ride among the Knuckles Mountain Range, with waterfalls down the streams in a chilly climate nicely fitted for spiritual journeys. We never meet someone by accident; all those who come into our lives teach us a ‘lesson’. […]




Software Environments – Development – QA – Production

Sridar Sri Software Engineering

Software environments are physical or logical configurations that fall around different development phases. From analysis to maintenance, an application goes through diverse software environments. See this chart:
Environments > Development Environment | QA/Testing Environment | Configuration Environment | Production Environment
Info > Software is being developed from requirements specifications. | Testable software is being tested with Test Case Scenarios (TCS) and TCS. | A base/master version of software is maintained at repositories. Releases are derived from repositories. | Software is installed or deployed to serve those business needs.
People Involved >Business Analyst(BA)
Developers
Testing Team
QA Team
End User
Project Manager(PM)
System Engineer,
PM
End User,
Support Operations Team,
PM




Why to Document? Software Development vs Engineering

Sridar Sri Software Engineering

Some people don’t like to write down what they do. Documentation is a set of rules that software people need to adhere to in order to ensure the quality of the software being developed. What happens if you’re driving along a road that does not have any traffic rules? Accidents! Wasted time! Ending up far from where you want to reach. Same […]






Sharing a Directory/Folder between Linux(Kali) and Windows

Sridar Sri Networking

There are various ways to do this. Make sure both hosts are connected properly by using the ‘ping’ command. Share the folder properly in Windows. You can check the shared folders using the ‘net share’ command in CMD. Let’s assume it is named ‘shared_files’. Install the CIFS utilities on the Linux (Kali or Debian) host. Run the command: apt-get install cifs-utils Update […]






Agile Software Development – What happens actually? – In Detail

Sridar Sri Software Engineering

Agile, they said. Embrace changes, they said. Agile development conquered the world of the SDLC. More than 80% of software is being developed via agile methodologies nowadays. What is Agile? Agile focuses on releasing the urgent solutions required by the client in a faster manner. Minimal documentation practice needs to be adopted and team members need to […]






QA – Quality Assurance Factors- Defect vs Fault vs Failure

Sridar Sri Software Engineering, Testing

Quality Assurance (QA) makes sure obstacles such as Defect, Fault and Failure are eliminated in a controlled manner. All three are somewhat negative towards a positive goal. Remember that equal positivity against a specific negativity results in neutral. To outperform and to glitter apart, the QA team needs to work systematically. Defect vs Fault vs […]






Verification and Validation – The V model

Sridar Sri Software Engineering, Testing

Verification and Validation are two main methods applied for correctly testing the software development phases. Verification makes sure the requirement documents created in early software processes cover all requirements. Validation makes sure the end user is satisfied with the software product being shown to them at the last phases of the SDLC. Verification – Are we building the product right? […]




Get hacked easily or Remove Your Old Phone Numbers From Gmail, Facebook, Twitter, Instagram..

Sridar Sri Precautions

This just happened to one of my friends. I got to know as I received a friend request from his new Facebook account. When I asked the reason, he said “Dude, I got hacked”. (I actually thought someone had created a fake account with his photos and information.) So in Viber, I asked, “have […]






SDLC – Phases, People, Testing/QA and Documents in a Table/Chart

Sridar Sri Software Engineering

The Software Development Life Cycle (SDLC) is carried out via different process models (Waterfall, Spiral, Incremental, Agile, etc.) because of the type, business impact and complexity of the project to be built. But the following phases are the basis for any process model. Initiate > Define > Design > Coding > Testing > Development. Looks like the Waterfall Model! Yup! […]




Pressurizing Water Line

Sridar Sri Do It Yourself!

Does your home water line have poor flow? You can plumb it for high pressure. Pressurizing a water line requires: Booster Pump X 01, Stop Valve X 02, Back Flow Preventer X 01. See the completed plumbing diagram below. Good luck!






Test Case Scenarios vs Test Cases

Sridar Sri Software Engineering

Documenting Test Case Scenarios and Test Cases is a vital part of Software Testing/Quality Assurance. Test Cases and Test Case Scenarios make sure all functional requirements are available and functioning as expected within the software being built. Test Case Scenarios: Test case scenarios (TCS) are requirements of software testing. These are created for each and every […]




Why Custom Built?

Sridar Sri Software Engineering

When software is built from scratch or with basic options and focused on the specific ideas of a client, we are working on the client’s satisfaction. Rather than the whole system, we prioritize the important business functions first and never sit back from redoing when necessary. 100% mapping with business functions and […]




Test Planning

Sridar Sri Software Engineering, System Designing

The Test Plan is created and maintained by the test lead / QA lead. Only the QA lead should be able to edit it, in a controlled manner. Inputs are taken from the Functional Requirement Document (FRD) to create the Test Plan. It is impossible to add, review, document, update, and maintain the Test Plan on his/her own. So developers play […]