UA Tester A tool for User Agent WAF, IDS/IPS, and Redirection testing. UA-tester is a tool to check whether a website provides different pages for different user agents like for mobile, desktop bots etc. Well, this tool also delivers a lot of information. It is basically a
Read more →
I want to share one of the ways of extracting the password from a machine even when there is an antivirus agent installed on it. A pentester aims to compromise the domain and become the domain admin. Often I have observed that compromising a domain host is easy. This can
Read more →
You need to be able to explain the findings, rate the vulnerabilities, and explain how the results will affect the customer in the real world. It’s important that the client can understand the end report, reproduce exploitation and effectively implement remediation. Best practices: Rate your vulnerabilities Theoretical vs.
Read more →
This article explains how to create a raw socket and use it to do an SYN or ACK or XMAS scan using python, note that you could also use it to make a Denial of Service attack (syn flooding …) See code below: import socket,struct from struct
Read more →
How to Use #nslookup for Ethical Hacking and find various DNS Queries which will help us in gathering more information from the system or website that we want for our Hacking Project. Step 1 is to go to www.wikipedia.org/wiki/List_or_DNS_record_types Step 2 is to open your command prompt. Step 3,
Read more →
Breaches. Breaches. In the past two years, we have read, witnessed or even been affected by attacks even on some fortune 500 companies. The attacks have become sophisticated, notorious and devastating. This calls for advanced blue team efforts which should be focused and relentless. For all we
Read more →
Estimated reading time: 2 minutes Hi All, The following article is intended as a brief introduction to the Veil-Evasion tool. This is part of the Veil-Framework was created by Chris Truncer. The Evasion tool is used to generate a range of different payloads with the ability to circumvent
Read more →Background Information that we need during footprinting. In this post, I’ll tell you how to get the background technology or services that a website is running. This will be helpful in gaining some information during the Information Gathering process and footprinting. How do you get the information
Read more →
Sharing Files/Folders with Samba on Linux First you should install the samba module with using command line; #apt-get install samba Then, create a folder,has everyone (read-write) authorisation, on desktop #cd Desktop #mkdir -p “folder_name” #chmod 777 “folder_name” Then, open samba config folder and add these commands; #vi
Read more →
MITM – Hacking With WiFi-Pumpkin Hi, welcome to “man in the middle” hacking with Wifi-Pumpkin tutorial: This tutorial will show you how to get user credentials (social media credentials) using a tool called Wifi-Pumpkin on ParrotSec with a custom fake login page. Following hacks has been tested
Read more →
