Yangi yamoqlar e’lon qilindiCVE ro‘yxatlariga yangilanishlarTarmoq xavfsizligi bo‘yicha blog postiKriptografiya yangiliklariLinux yadrosi bo‘yicha e’lonOWASP yo‘riqnomalari yangilandi
Yangiliklar tasmasi
Qora + to'q yashil, Kali uslubi
30 ta bo'lim — faqat ko'rish va nusxalash
Kodlarni siz kiritasiz. Foydalanuvchilar o'zgartira olmaydi — faqat ko'rish va nusxa olish.
Tizim ma'lumotlari
Faqat ko'rish va nusxa olish mumkin.
# Tizim haqida asosiy ma'lumotlar
# whoami
# id
# uname -a
# lsb_release -a
# uptime
# date
# hostname
# pwdTarmoq konfiguratsiyasi
Faqat ko'rish va nusxa olish mumkin.
# Tarmoq interfeyslari va sozlamalari
# ip addr show
# ip route show
# ifconfig
# netstat -tuln
# ss -tuln
# cat /etc/resolv.conf
# ping -c 4 8.8.8.8
# traceroute google.comFayl va papka operatsiyalari
Faqat ko'rish va nusxa olish mumkin.
# Fayl tizimi bilan ishlash
# ls -la
# find /home -name "*.txt" -type f
# locate passwd
# which python3
# whereis gcc
# du -sh /var/log
# df -h
# tree /etc | head -20Protsesslar va xizmatlar
Faqat ko'rish va nusxa olish mumkin.
# Ishlaydigan protsesslar va xizmatlar
# ps aux | head -10
# top -n 1 | head -20
# htop --help
# systemctl status ssh
# systemctl list-units --type=service
# jobs
# pgrep ssh
# killall -lFoydalanuvchilar va guruhlar
Faqat ko'rish va nusxa olish mumkin.
# Foydalanuvchi boshqaruvi
# cat /etc/passwd | head -10
# cat /etc/group | head -10
# groups
# last | head -10
# w
# who
# finger $(whoami)
# sudo -lRuxsatlar va xavfsizlik
Faqat ko'rish va nusxa olish mumkin.
# Fayl ruxsatlari va xavfsizlik
# ls -la /etc/shadow
# chmod 644 file.txt
# chown user:group file.txt
# umask
# getfacl /etc/passwd
# stat /etc/passwd
# lsattr /etc/passwd
# find /tmp -perm 777 -type fPaketlar va dasturlar
Faqat ko'rish va nusxa olish mumkin.
# Paket boshqaruvi (Debian/Ubuntu)
# apt update
# apt list --installed | head -10
# apt search nmap
# apt show nmap
# dpkg -l | head -10
# dpkg -L openssh-server | head -10
# which nmap
# whereis python3Log fayllar va monitoring
Faqat ko'rish va nusxa olish mumkin.
# Tizim jurnallari va monitoring
# sudo tail -f /var/log/syslog
# sudo journalctl -xe | head -20
# sudo journalctl -u ssh -n 10
# dmesg | tail -10
# last | head -10
# history | tail -10
# cat /var/log/auth.log | tail -10
# sudo fail2ban-client statusTarmoq diagnostikasi
Faqat ko'rish va nusxa olish mumkin.
# Tarmoq muammolarini aniqlash
# ping -c 3 google.com
# nslookup google.com
# dig google.com
# host google.com
# traceroute 8.8.8.8
# mtr --report-cycles 3 google.com
# netstat -i
# arp -aPort skanerlash (Etik)
Faqat ko'rish va nusxa olish mumkin.
# Port skanerlash - faqat o'z tizimingizda!
# DIQQAT: Faqat ruxsat bor tizimda ishlating
# nmap -sV localhost
# nmap -sS -O localhost
# nmap -A localhost
# nmap -p 1-1000 localhost
# ss -tuln | grep LISTEN
# netstat -tuln | grep LISTEN
# lsof -i -P -n | grep LISTENSSH va masofaviy ulanish
Faqat ko'rish va nusxa olish mumkin.
# SSH konfiguratsiya va ulanish
# ssh-keygen -t rsa -b 4096
# ssh-copy-id user@hostname
# ssh -v user@hostname
# scp file.txt user@hostname:/tmp/
# rsync -avz /local/path/ user@hostname:/remote/path/
# cat ~/.ssh/config
# ssh-agent -s
# ssh-add ~/.ssh/id_rsaKriptografiya va hash
Faqat ko'rish va nusxa olish mumkin.
# Hash va shifrlash
# echo "test" | md5sum
# echo "test" | sha256sum
# echo "test" | sha512sum
# openssl dgst -sha256 file.txt
# gpg --gen-key
# gpg --list-keys
# base64 <<< "hello world"
# echo "aGVsbG8gd29ybGQK" | base64 -dFirewall va xavfsizlik
Faqat ko'rish va nusxa olish mumkin.
# Firewall sozlamalari
# sudo ufw status
# sudo iptables -L
# sudo iptables -L -n -v
# cat /etc/hosts.allow
# cat /etc/hosts.deny
# sudo fail2ban-client status
# sudo fail2ban-client status sshd
# netfilter-persistent saveWeb so'rovlar va API
Faqat ko'rish va nusxa olish mumkin.
# HTTP so'rovlar va web testlash
# curl -I https://google.com
# curl -X GET https://httpbin.org/get
# curl -X POST -d "data=test" https://httpbin.org/post
# wget -O - https://httpbin.org/ip
vcurl -s https://httpbin.org/json | jq '.'
# curl --user-agent "Custom-Agent" https://httpbin.org/user-agent
# curl -H "Accept: application/json" https://api.github.com/users/octocatMatn tahlili va grep
Faqat ko'rish va nusxa olish mumkin.
# Matn qidirish va tahlil
# grep -r "error" /var/log/ | head -5
# grep -i "failed" /var/log/auth.log | head -5
# awk '{print $1}' /etc/passwd | head -5
# sed 's/old/new/g' file.txt
# cut -d: -f1 /etc/passwd | head -5
# sort /etc/passwd | head -5
# uniq -c /var/log/syslog | head -5
# wc -l /etc/passwdArxiv va siqish
Faqat ko'rish va nusxa olish mumkin.
# Arxiv yaratish va ochish
# tar -czf backup.tar.gz /home/user/documents/
# tar -xzf backup.tar.gz
# zip -r archive.zip /home/user/documents/
# unzip archive.zip
# gzip file.txt
# gunzip file.txt.gz
# 7z a archive.7z /path/to/folder/
# 7z x archive.7zCron va vazifalar
Faqat ko'rish va nusxa olish mumkin.
# Avtomatik vazifalar
# crontab -l
# crontab -e
# cat /etc/crontab
# ls -la /etc/cron.d/
# systemctl status cron
# at now + 1 minute
# atq
# atrm 1
# batchGit versiya nazorati
Faqat ko'rish va nusxa olish mumkin.
# Git bilan ishlash
# git --version
# git config --global user.name "Your Name"
# git config --global user.email "your@email.com"
# git init
# git status
# git add .
# git commit -m "Initial commit"
# git log --oneline | head -5
# git branch -aPython muhiti
Faqat ko'rish va nusxa olish mumkin.
# Python dasturlash muhiti
# python3 --version
# pip3 --version
# pip3 list | head -10
# python3 -c "import sys; print(sys.version)"
# python3 -c "print('Hello, World!')"
# pip3 show requests
# python3 -m venv myenv
# source myenv/bin/activate
# which python3Docker konteynerlar
Faqat ko'rish va nusxa olish mumkin.
# Docker bilan ishlash
# docker --version
# docker ps
# docker ps -a
# docker images
# docker pull ubuntu:latest
# docker run hello-world
# docker exec -it container_name bash
# docker logs container_name
# docker system dfTizim resurslar monitoring
Faqat ko'rish va nusxa olish mumkin.
# Tizim resurslarini kuzatish
# free -h
# cat /proc/meminfo | head -10
# cat /proc/cpuinfo | head -10
# lscpu
# iostat 1 3
# vmstat 1 3
# sar -u 1 3
# top -n 1 -b | head -15
# htop --helpUSB va qurilmalar
Faqat ko'rish va nusxa olish mumkin.
# USB va apparat qurilmalari
,
# lsusb
# lspci
# lsblk
# fdisk -l
# mount | grep /dev
# cat /proc/partitions
# dmesg | grep -i usb | tail -5
# udevadm info --query=all --name=/dev/sda1 | head -10
# blkidEnvironment o'zgaruvchilar
Faqat ko'rish va nusxa olish mumkin.
# Muhit o'zgaruvchilari
# env | head -10
# echo $PATH
# echo $HOME
# echo $USER
# export MY_VAR="test_value"
# echo $MY_VAR
# printenv | head -10
# set | head -10
# which bashMetasploit asoslari
Faqat ko'rish va nusxa olish mumkin.
# Metasploit Framework (faqat etik testlash uchun!)
# DIQQAT: Faqat ruxsat bor muhitda ishlating!
# msfconsole --version
# msfvenom --help-formats
# searchsploit --help
# msfdb status
# service postgresql status
# msfconsole -q -x "version; exit"
# ls /usr/share/metasploit-framework/modules/exploits/ | head -5Wireshark va tarmoq tahlil
Faqat ko'rish va nusxa olish mumkin.
# Tarmoq trafik tahlili (etik maqsadda)
# DIQQAT: Faqat o'z tarmog'ingizda ishlating!
# tshark --version
# tcpdump --version
# tcpdump -i lo -c 5
# netstat -s
# ss -s
# iftop --help
# nload --help
# vnstat --helpJohn the Ripper
Faqat ko'rish va nusxa olish mumkin.
# Parol sinash vositasi (faqat etik maqsadda!)
# DIQQAT: Faqat o'z fayllaringizda ishlating!
# john --version
# john --list=formats | head -10
# john --test
# unshadow /etc/passwd /etc/shadow > mypasswd.txt
# john --wordlist=/usr/share/wordlists/rockyou.txt mypasswd.txt
# john --show mypasswd.txt
# hashcat --version
# hashcat --help | head -10Nikto web skaner
Faqat ko'rish va nusxa olish mumkin.
# Web zaiflik skaneri (faqat etik testlash uchun!)
# DIQQAT: Faqat ruxsat bor saytlarda ishlating!
# nikto -Version
# nikto -h http://localhost
# nikto -list-plugins
# dirb http://localhost
# gobuster --help
# wpscan --version
# sqlmap --version
# burpsuite --versionAircrack-ng Wi-Fi
Faqat ko'rish va nusxa olish mumkin.
# Wi-Fi xavfsizlik testlash (faqat etik maqsadda!)
# DIQQAT: Faqat o'z Wi-Fi tarmog'ingizda ishlating!
# aircrack-ng --help
# airodump-ng --help
# aireplay-ng --help
# iwconfig
# iwlist scan | head -20
# macchanger --help
# reaver --help
# wifite --helpSocial Engineering Toolkit
Faqat ko'rish va nusxa olish mumkin.
# Social Engineering Toolkit (faqat ta'lim uchun!)
# DIQQAT: Faqat etik va qonuniy maqsadlarda ishlating!
# setoolkit --version
# msfvenom -l payloads | head -10
# beef-xss --help
# maltego --version
# theharvester --help
# recon-ng --version
# shodan --help
# amass --versionXulosa va eslatmalar
Faqat ko'rish va nusxa olish mumkin.
# MUHIM ESLATMALAR:
# 1. Barcha vositalar faqat etik va ta'limiy maqsadlarda ishlatilsin
# 2. Boshqa odamlarning tizimlariga ruxsatsiz kirish qonunbuzarlik!
# 3. Har doim yozma ruxsat oling
# 4. O'z bilimlaringizni faqat yaxshi maqsadlarda ishlating
# 5. Kiberxavfsizlik - bu himoya, tajovuz emas!
echo "Etik hacker bo'ling, jinoyatchi emas!"
echo "Bilim - kuch, lekin mas'uliyat bilan!"
date
whoamiKiber xavfsizlik yangiliklari
AQSH Milliy Standartlar Instituti yuritdigan zaifliklar bazasi
SecLab · 8/10/2025
Bu saytda siz boshqa saytlarni zaif nuqtalarini va zaifliklarini ko'rishingiz mumkin.
researchO‘qish
Exploit Database(Exploit-DB)
BlueTeam Daily · 8/20/2025
Foydalanuvchilar tomonidan yuborilgan exploit kodlari, PoC’lar va zaiflik tavsiflari.
defenseO‘qish
Packet Storm Security
· 8/6/2025
Exploit’lar, zaiflik tahlillari, xavfsizlik vositalari va yangiliklar jamlanmasi.
vulnerabilitiesO‘qish
Parol kuchini tekshirish
BaholashJuda zaif
- Kamida 8 ta belgi
- Yaxshi: 12+ belgi
- Kichik harf
- Katta harf
- Raqam
- Maxsus belgi
Eslatma: Parollarni hech qachon umumiy joylarda saqlamang. Bu tekshiruv faqat brauzeringizda ishlaydi.
Aloqa
Quyidagi ijtimoiy tarmoqlar orqali bog'laning.