Browsing category
Email spoofing is the way of delivering forged emails to recipients.These methods are used by criminals to launch attacks like phishing or spams to provide persistent backdoors with legitimate behavior. Publicly available email servers can be used for spoofing attack.If you have configured your mail server with OPEN RELAY, this dangerous email spoofing attack can be […]
The definitive guide for LFI vulnerability security testing for bug hunting & penetration testing engagements. The intent of this document is to help penetration testers and students identify and test LFI vulnerabilities on future penetration testing engagements by consolidating research for local file inclusion LFI testing techniques. LFI vulnerabilities are typically discovered during web app pen tests […]
ARP spoofing attack is a kind of attack in which a attacker sends falsified ARP (Address Resolution Protocol) messages over a LAN. As a result the attacker links his MAC address with the IP address of a legitimate computer (or server) on the network. If the attacker managed to link his MAC address to an authentic IP address, he will […]
Most of you might think that our favorite operating system Kali Linux might not be vulnerable to a malicious application, but you are wrong as none of the systems In the world is 100% secure. Let us assume that we have downloaded a file named update.deb which is an application installer for the system, now […]
SSL is one the best ways to encrypt network traffic and avoiding man in the middle attacks and other session hijacking attacks. But there are still multiple ways by which hackers can decrypt SSL traffic and one of them is with the help of Wireshark. Wireshark has an awesome inbuilt feature which can decrypt any […]
It can be quite annoying when you have limited access to ports on a network and causes problems when pentesting, as you can only test traffic within the same network. Unless of course you could open the correct ports from within the router default administration panel. There might be a time when access to administration […]
Are you trying to know the Username and Password of any FB Account but you don’t want to hack their Account? It’s Possible! Note: Article is only for security purpose, don’t use for any illegal purpose and i am not responsible for anything. Step 1 : Install Kali (If You Haven’t Done So Already) The […]
The SySS Radio Hack Box is a proof-of-concept software tool to demonstrate the replay and keystroke injection vulnerabilities of the wireless keyboard Cherry B.Unlimited AES. Requirements Raspberry Pi Raspberry Pi Radio Hack Box shield (a LCD, some LEDs, and some buttons) nRF24LU1+ USB radio dongle with flashed nrf-research-firmware by the Bastille Threat Research Team, e. […]
Cyberprobe is a distributed software architecture for monitoring networks under attack. It consists of two components: cyberprobe, which collects data packets and forwards them over a network in standard streaming protocols; and cybermon which decodes protocols, and invokes user-defined logic on the decoded data. Cyberprobe can be integrated with snort so that the captured data […]
rm -rf pic* Are you sure? Are you one hundred percent sure? … allows you to run a command and see what it does to your files without actually doing it! After reviewing the operations listed, you can then decide whether you really want these things to happen or not. What is this […]
Anyone familiar enough with Outlook will know it has a “Rules and Alerts” section that allows the user to automate certain actions based on message criteria. This feature is particularly interesting because the rules sync between all Outlook installs via Exchange. Most of the available rules actions pertain to modifying the mailbox, moving messages, categorizing items, etc. However, a […]
bt2 is a Python-based backdoor in form of a IM bot that uses the infrastructure and the feature-rich bot API provided by Telegram, slightly repurposing its communication platform to act as a C&C. Dependencies Telepot requests Installation $ sudo pip install telepot $ sudo pip install requests PS: Telepot requires minimum of requests 2.9.1 to […]
The WarBerry was built with one goal in mind; to be used in red teaming engagement where we want to obtain as much information as possible in a short period of time with being as stealth as possible. Just find a network port and plug it in. The scripts have been designed in a way […]
Here we will discuss how to hack Facebook, as well as to develop understanding of how fake web pages are created, so that you can protect yourself from such attacks. Requirements to hack Facebook Kali linux – Download here Setoolkit – Accessible within Kali The Social-Engineer Toolkit (SET) was created and written by […]
Encouraging the people to join the cyber-war against ISIS, hacktivist group Anonymous has published three hacking guides. These guides have instructions regarding recognizing ISIS-affiliated websites, using a Twitter bot to uncover social media accounts of ISIS, and learning how to hack using a “NoobGuide” The war between the hackers and terrorists is escalating quickly in […]
Sometimes we forget our password, or even we want to reset the password of the windows OS of our friends, officemate or anybody laptops in legal way. Today i am going to teach you how to reset a password using our Favorite Penetration Testing Operating System the Kali Linux. Requirements: 1.Kali Operating System (click here) […]
If you’ve ever wondered how software pirates can take software and crack it time and time again, even with security in place, this small series is for you. Let’s go over how cracking could work in practice by looking at an example program (a program that serves no purpose other than for me to hack). […]
It infuses the predefined date and time to the objective programming in this way preventing it from expiry. Demo variant programming basically accompanies one month trial period and will lapse after that. When we introduce these product in our framework; they make a passage of subtle elements like Installation Date, Time and so on in […]
Facebook hacking has been a major “topic” for the curious user,but today i’ll be focusing on an easy trick to send messages as anyone on Facebook. Step 1: First off you will need to pick 2 people from your friends list. One will be the inbox sender and one will be the receiver.Lets say we […]
SQL Injection (SQLi) attacks have been around for over a decade. You might wonder why they are still so prevalent. The main reason is that they still work on quite a few web application targets. In fact, according to Veracode’s 2014 State of Security Software Report , SQL injection vulnerabilities still plague 32% of all […]
Penetration testing (otherwise known as pentesting, or the more general security testing) is the process of testing your applications for vulnerabilities, and answering a simple question: “What could a hacker do to harm my application, or organization, out in the real world?”. An effective penetration test will usually involve a skilled hacker, or team of […]