security

  1. x32x01

    Encrypted Reverse Shell for Pentester

    Reverse shell that is generally used in the wild are prone to sniffing attacks as the communication that happens between the attacker and the victim machine is clear text-based communication. This creates an issue as if the Security Administrators that are responsible for the protection of the...
  2. x32x01

    Wireshark For Pentester: A Beginner’s Guide

    Wireshark is an open-source application and it is the world’s foremost and widely-used network protocol analyzer that lets you see what’s happening on your network at a microscopic level. Just Because it can drill down and read the contents of each packet, it’s used to troubleshoot network...
  3. x32x01

    A Beginner’s Guide to Buffer Overflow

    In this guide, we are going to learn about what is a buffer overflow and how it occurs? Buffer Overflow occurs by overwriting memory fragments of a process or program. Overwriting values of certain pointers and registers of the process causes segmentation faults which cause several errors...
  4. x32x01

    Anonymous Logins for Pentesters

    In this article, we will focus on the various services that support the Anonymous Logins. We will be understanding the process to setup those service on your local target system and then using Kali Linux to access them or attack them. Table of Content Introduction Setting up Anonymous FTP...
  5. x32x01

    Remote Desktop Penetration Testing (Port 3389)

    In this article, we are discussing Remote Desktop penetration testing in four scenarios. Through that, we are trying to explain how an attacker can breach security in a different- different scenario and what types of the major step should take by admin while activating RDP services to resist...
  6. x32x01

    Wireless Penetration Testing: Password Cracking

    In this article, we will be demonstrating the various methods that can be used for Password Cracking for performing Penetration Testing on Wireless Devices. Table of Content Introduction Simulation Mechanism Pre-requisites Initial Setup Password Cracking Aircrack-ng cowpatty Hashcat John The...
  7. x32x01

    Wireless Penetration Testing: Detect Hidden SSID

    Introduction You see an SSID, you connect to it and you onboard a wireless network. But what if I wanted to prevent you from seeing my SSID and thus you are unable to connect? This can be done using the Hide SSID option under your router settings. However, hiding is not always the best option to...
  8. x32x01

    Wireless Penetration Testing: Wifipumpkin3

    Wifipumpkin3 is a framework that is built on python to give rogue access point attacks to red teamers and reverse engineers. In this article, we would look at how we can use this tool to create a bogus Wi-Fi access point for our victims to connect and how to exploit the system. Table of Content...
  9. x32x01

    Metasploit for Pentester: Inject Payload into Executable

    Being lurking and undetectable is the priority after anonymity. In this article, we are going to learn how to create an innocuous-looking backdoor and bind it with a legitimate executable file to gain the victims’ trust. Table of Content Pre-requisites for Lab set up Executable file search on...
  10. x32x01

    What is MAC SPOOFING ?

  11. x32x01

    Metasploit for Pentester: Database & Workspace

    In this series of articles, we are focusing on the various mechanisms of the Metasploit Framework that can be used by Penetration Testers. Today we are going to learn about the workspace and database commands of the Metasploit Framework. Table of Content Introduction Creating a Workspace...
  12. x32x01

    Powercat for Pentester

    Introduction Powercat is a simple network utility used to perform low-level network communication operations. The tool is an implementation of the well-known Netcat in Powershell. Traditional anti-viruses are known to allow Powercat to execute. The installed size of the utility is 68 KB. The...
  13. x32x01

    Cybercriminals exchange tips on underground forums about avoiding arrests

    The technique behind cyberattack has been uncovered by stalking on underground forums, and also what hackers say to do if or whenever they are apprehended. Released on Monday, the Digital Shadows cybersecurity team investigated conversations on dark web forums among black hat hackers and the...
  14. x32x01

    How Telegram End-to-end Encryption Works To Provide Security ?

    Telegram assures to provide privacy and security to its users. But, we must know how to activate and get a hold of privacy related information before using the app ! With the recent updates in WhatsApp privacy policy, huge chaos among users was created, which resulted in many users switching...
  15. x32x01

    HTML5 Security CheatSheet - What your browser does when you look away...

    HTML5 Security CheatSheet What your browser does when you look away... https://html5sec.org
  16. x32x01

    DNS Best Practices for Security and Performance

    The Domain Name System (DNS) makes all networked communication possible. DNS may seem like an invisible force or entity, until something goes wrong, then it’s apparent: If DNS service goes down, then nothing works. This article will outline the best practices and the most important security...
  17. x32x01

    Top 10 Tips To Protect From Online Hacking

  18. x32x01

    TOP web application security Risks ... !!!

  19. x32x01

    Modlishka - Advanced Phishing | Bypass Two Factor Authentication

    We all try to secure our all online accounts and social media accounts and we turn on the Two-Factor Authentication or Two-Step Verification. Then we think that we are now safe. Sometimes we check a phishing page with wrong password. But Modlishka can bypass Two-factor authentication (2FA)...
  20. x32x01

    StegCracker - Steganography Cracker

    In the previous article we learned how we hide some secrets in media files using Steghide. In the way of penetration testing we may encounter with this type of files, in this article we are gonna cover how to recover a unknown stegnographed file. StegCracker is a tool that will help us to do...
Top