we@osgroup-techies:~# _

Terraform Providers:             plugins  that interact with cloud providers, SaaS providers, and other APIs.  Each provider adds a set of resource types  and/or data sources  that Terraform can manage. W ithout providers, Terraform can't manage any kind of infrastructure. All Terraform configurations must declare which providers they require so that Terraform can install and use them Provider Configuration Sample Example of Provider Declaration In many Terraform setups especially in growing teams . it's common to see each module define its own provider block. It often looks like this:    terraform {     required_providers {       incus = {         source  = "lxc/incus"         version = "0.3.1"     }   } As infrastructure evolves the need of multiple modules becomes inevitable . Each of the modules if following the hardcoded approach incl...

  A Reverse Shell is an attack where a compromised machine connects back to an attacker’s system, allowing remote control. This bypasses firewalls, as outgoing traffic is often less restricted than incoming. We'll create two ubuntu instances Instance A - The Target Machine Instance B - The Attacker's Machine How It Works The Attacker setups Listener The Malicious payload is run to get back the shell Post the remote access is gained, depending on what user the listener is running In this video, we are going to: Set up a Listener on A ( as a non root user )  Connect from B, Execute commands and test , Try rebooting . Setup up Listener on A ( with root user ) Connect from B, Execute commands  , Try rebooting . Mitigation: To defend against reverse shells, security measures like strict firewall rules, intrusion detection/prevention systems (IDS/IPS), regular patching, network monitoring, and the use of endpoint protection solutions can be implemented. Additionally, educating...

Telnet, an early protocol for remote server and device access, was once groundbreaking. However, in today’s era of cybersecurity threats, Telnet’s lack of encryption has made it obsolete and dangerous to use. This blog will demonstrate the security risks of Telnet by capturing and analysing its unencrypted communication over a network. We Will: Create two Ubuntu instances using Multipass. Install and configure a Telnet server on one instance. Create a user and password on the server. Capture network packets while authenticating to the server. Analyse the captured packets to show how credentials are sent in plain text. Part 1: Introduction and Setting Up Ubuntu Instances In Part 1 , we start by setting up Ubuntu instances using Multipass . We walk through the process of creating a Telnet server and Telnet client , preparing the environment for the next steps. Watch the video here: In Part 2 , we install and configure the telnetd package on the Telnet server . This is the crucial step...

Prerequisites Before we dive into packet analysis, make sure you have the following set up: Two Endpoints (VMs or Containers) Wireshark tcpdump It’s also important to have a basic understanding of: TCP SSH Linux Introduction In this blog post, I'll guide you through the step-by-step process of analyzing SSH connection packets using Wireshark. Whether you're troubleshooting SSH issues or simply curious about how SSH works at the protocol level, this tutorial is for you. We'll cover both successful and failed SSH connections, examining the packet flow and explaining what’s happening in the background. I've already set up a working environment for this use case. Let’s dive right into packet capture and analysis, and uncover what happens during an SSH connection. Fig. 1: A list of servers with roles and IP addresses for quick network reference. Breaking Down Packet Capture and Analysis: A Step-by-Step Guide In this post, we'll break down the process of packet capture...

Continuous Integration  (CI) is a development practice where developers commit  code into a shared repository frequently, preferably several times a day. Each commit  then gets verified by an integrated & automated build and similarly with integrated & automated tests. While automated tests aren't strictly part of CI but typically implied. The posted video includes two demos with relative examples and CI concepts. Demo 1:    Python Flask API, Test Cases, Azure DevOps Intro, Docker Multi Stage Builds & CI with GitHub Demo 2:    Python Django MVT Application, Jenkins pipeline , Docker Hub , Terraform, GitHub

    Virtualization is about abstracting the hardware of single computer into several execution environments,thereby creating an illusion that each separate environment is running its own private computer. Containerization is new virtualization , Container is all about cgroups and Namespaces In this video i have tried explaining on virtual machines and containers subscribe for more Thank you !!!