1. x32x01

    02 What is the name of the vulnerability in code & how to exploit it ?

    What is the name of the vulnerability in the code and how to exploit it?
  2. x32x01

    01 What is the name of the vulnerability in code & how to exploit it ?

    What is the name of the vulnerability in the code and how to exploit it?
  3. x32x01

    How to do Reconnaissance and Vulnerability Scan Using Red Hawk

    Red Hawk is PHP coded tool for information gathering. I think Red Hawk is the best reconnaissance tool nowadays, because, its ability is superb. Red hawk has a lot abilities to do such information gathering, vulnerability scanning, SQL vulnerable detection, CMS detection, ports scan, crawling...
  4. x32x01

    CallStranger Vulnerability Allows Attack To Override Security Mechanisms And Scan LANs

    This vulnerability allows major DDoS attacks to be launched at CallStranger A security engineer called Yunus Çadirci discovered a flaw in this highly universal platform in December 2019. Çadirci claims that an intruder will send TCP packets to a remote system that includes a malformed...
  5. x32x01

    Free Vulnerability Database And Resources [2021 Compilation]

    Vulnerability Database are the first place to start your day as a security professional. Any new vulnerability detection is generally available through public vulnerability database. These database are a big source of information for hackers to be able to understand and exploit/avoid/fix the...
  6. x32x01

    Finding Exploits for any Vulnerability

    During penetration testing works we need exploits to penetrate into some system, writing an exploit is really a time-consuming job. It is also difficult to find a publicly available exploit for our exact need. So the easier way is we modify the publicly available exploit for our specific work...
  7. x32x01

    Cadaver - Exploit HTTP PUT Vulnerability

    Cadaver is a command line WebDAV client for UNIX. It supports uploading and downloading of a file on WebDAV. Cadaver comes pre-installed with Kali Linux. We can upload web shells also on a vulnerable system using HTTP PUT method. What is HTTP PUT method? PUT method originally introduced as...
  8. x32x01

    Exploitation of ShellShock Vulnerability with BadBash Tool

    In a previous article, we have described the ShellShock vulnerability and in this article we show how to exploit this vulnerability using the BadBash Script. BadBash is a CVE-2014-6271 RCE exploit tool. The basic version only checks for the HTTP CGI site and only provides netcat reverse shell...
  9. x32x01

    ShellShock Vulnerability Exploitation With HTTP Request

    In a previous tutorial, we used Metasploit Framework to gain a low-level shell on the target system by exploiting the ShellShock vulnerability. The same can also be done by sending a HTTP Request with Wget and Curl. In order to exploit the ShellShock bug, the following steps need to occur: you...
  10. x32x01

    ShellShock Vulnerability Exploitation With Metasploit Framework

    Previously we’ve well explained the Heartbleed Vulnerability which already created so much havoc and now we’ll show you a live exploitation of ShellShock Vulnerability (CVE-2014-6271) with Metasploit Framework. ShellShock Vulnerability also called Bash Bug Vulnerability which already affects...
  11. x32x01

    How to Test Meltdown Vulnerability - Detailed Guide 2021

    I hope you all knows the latest vulnerability i.e. Meltdown which has been discovered almost in every CPU having Intel Processor. These both vulnerabilities are basically hardware design flaws that attackers can easily exploit to access part of the memory that should remain private allowing...
  12. x32x01

    Detection and Exploitation of OpenSSL Heartbleed Vulnerability using NMAP and METASPLOIT

    in this post we will discuss how to detect and exploit systems that are vulnerable to the OpenSSL-Heartbleed vulnerability using Nmap and Metasploit on Kali Linux. Around 200000+ servers are still vulnerable to Heartbleed which is a serious vulnerability in the most popular OpenSSL...