You can register an iTabCode account to be able to view iTabCode without ads. ( Registration is Free ) Register Now


  1. x32x01

    Windows Privilege Escalation: HiveNightmare

    Introduction CVE-2021-36934 also known as SeriousSAM and HiveNightmare vulnerability was discovered by Jonas Lykkegaard in July 2021. Due to an ACL misconfiguration in Windows 10 post-build 1809 and Windows 11, non-admin users are granted read access to the holy trio of SAM, SYSTEM and SECURITY...
  2. x32x01

    Windows Privilege Escalation: Scheduled Task/Job (T1573.005)

    An attacker may exploit the Windows Task Scheduler to schedule malicious programmes for initial or recurrent execution. For persistence purposes, an attacker may utilise Windows Task Scheduler to launch applications at system startup or on a scheduled basis. Additionally, the Windows Task...
  3. x32x01

    A Detailed Guide on Log4J Penetration Testing

    In this article, we are going to discuss and demonstrate in our lab setup, the exploitation of the new vulnerability identified as CVE-2021-44228 affecting the java logging package, Log4J. This vulnerability has a severity score of 10.0, most critical designation and offers remote code execution...
  4. x32x01

    How To Exploit ShellShock Vulnerability To Get Reverse Shell

    Today, we’re going to exploit a BASH Shellshock Vulnerability successfully and getting a reverse shell while protecting yourself and hiding your IP Address. Who is vulnerable to shellshock? CGI scripts using bash variables or commands and CGI scripts are written in bash can be exploited...
  5. x32x01

    Exploit and Backdoor Windows 7,8,10 Bypass Antivirus FUD

    Exploit and Backdoor Windows: I’m back with another tutorial on Hacking Windows 7,8,10 Bypass Antivirus 100% FUD. I’m using shellter AV Evasion tool along with FileZilla.exe server to bind a payload with it. Let’s get started! This tutorial is for Windows, Mac, Linux. Things you need to...
  6. x32x01

    Finding Exploits for any Vulnerability

    During penetration testing works we need exploits to penetrate into some system, writing an exploit is really a time-consuming job. It is also difficult to find a publicly available exploit for our exact need. So the easier way is we modify the publicly available exploit for our specific work...
  7. x32x01

    Cadaver - Exploit HTTP PUT Vulnerability

    Cadaver is a command line WebDAV client for UNIX. It supports uploading and downloading of a file on WebDAV. Cadaver comes pre-installed with Kali Linux. We can upload web shells also on a vulnerable system using HTTP PUT method. What is HTTP PUT method? PUT method originally introduced as...
  8. x32x01

    Hack Android using Metasploit without Port Forwarding over Internet

    Today we’ll discuss about the post exploitation attack using metasploit framework to hack any Android Device without any port forwarding. Generally you can get easily reverse TCP connection with Meterpreter in a LAN network but when you do the same thing over internet i.e. WAN, then the scenario...
  9. x32x01

    How to Gain Access to an Android Over WAN

    Android phones are very easy to break into if the victim can be Social Engineered into doing so. If you use Kali, you may have done this but probably in your own network. This guide shows you how to do so but over HTTP tunneling to a phone anywhere in the world. Step 1 : Load Up Your Kali Shell...