#Metasploit… Windows Takeover with a PDF File 18 Jun 202018 Jun 2020 There are multiple ways to exploit and take over a Windows machine, today we will look at doing this with a PDF file containing a virus. For this you will…
AppSec… Python Scripting For Ethical Hacking Part I 15 May 202016 Jun 2020 We've been working on so much lately that it's been a while since our last post so thank you all for being patient. We decided that we should start a…
#career… Train Or Certify Anywhere, Anytime 30% OFF SITE-WIDE! 25 Mar 202025 Mar 2020 ACT FAST, SALE ENDS ON APRIL 7, 2020! Recent disruptions have made remote learning more compelling than ever. We offer you three ways to pursue your training and certification goals.…
#career… Regex Cheat Sheet 9 Feb 202011 Feb 2020 A regular expression, regex or regexp is a sequence of characters that define a search pattern. Usually such patterns are used by string searching algorithms for "find" or "find and…
#Metasploit… Heartbleed Discovery and Exploit 1 Feb 202018 Jun 2020 Heartbleed is a security bug in the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security protocol. It was introduced into the software in 2012…
#career… Take Your Career to Cloud 9! 13 Jan 202013 Jan 2020 The demand for cloud experts has never been greater as more and more companies move from the traditional server infrastructure to cloud solutions. If you have resolved to learn about…
#career… Linux Security Fundamentals (LFS216) 9 Jan 2020 Course Overview This course is a comprehensive look at the security challenges that can affect almost every system, especially with the seamless connectivity we seek from the Internet. Many of…
#career… Configuring Your IAM Securely on AWS 20 Dec 2019 To help secure your AWS resources, follow these recommendations for the AWS Identity and Access Management (IAM) service. Lock Away Your AWS Account Root User Access Keys You use an…
AppSec… Gaining Root From a Buffer Overflow Vulnerability 9 Dec 201918 Jun 2020 Buffer overflow flaws can be present in both the web server and application server products that serve the static and dynamic portions of a site, or in the web application…
#career… PenTesting: Gaining Root Privileges on Kioptrix 6 Dec 20196 Dec 2019 Kioptrix is a Capture The Flag style VulnHub VM and the aim of the game is to gain root privileges. We will be using Kali Linux in this post so…
#Metasploit… Write an IMAP Fuzzing Tool 3 Dec 20193 Dec 2019 Picture this scenario. During a host reconnaissance session we discovered an IMAP Mail server which is known to be vulnerable to a buffer overflow attack (Surgemail 3.8k4-4). We found an…
AppSec… First Stack Buffer Overflow to modify Variable 30 Nov 201930 Nov 2019 Stack0: https://exploit.education/protostar/s... Intel Reference: intel.de/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-instruction-set-reference-manual-325383.pdf
#Metasploit… Gaining Access to Windows10 Through VLC Exploit 14 Nov 201918 Jun 2020 VLC is a free and open source cross-platform multimedia player and framework that plays most multimedia files as well as DVDs, Audio CDs, VCDs, and various streaming protocols. Today we…
AppSec… Import VirtualBox Images to GNS3 1 Nov 20197 Nov 2019 This is the second post of our GNS3 tutorials, today we will look at how to import a VirtualBox image into GNS3. If you haven't installed GNS3 yet or downloaded…
AppSec… XML External Entity (XXE) Vulnerability 14 Oct 20199 Mar 2020 According to OWASP, an XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to…
#Metasploit… BlueKeep – Exploit Windows (RDP Vulnerability) Remotely 10 Oct 201918 Jun 2020 Remote desktop protocol (RDP) is a secure network communications protocol designed for remote management, as well as for remote access to virtual desktops, applications and an RDP terminal server. RDP…
AppSec… Movies Featuring the Nmap Security Scanner 6 Oct 201930 Oct 2019 The Nmap Security Scanner has appeared in many major motion pictures (as well as more obscure films). This gallery provides screen shots and details for each movie. Source: Movies Featuring…
#Metasploit… Exploiting Routers With Routersploit 26 Sep 201912 Jun 2020 If you have Wi-Fi at home, then you have a router, this is how you get your internet access. Today we will be looking a piece of software that allows…
#career… Hacking Android With Metasploit 4 Sep 201912 Jun 2020 Good morning/evening/night my fellow hackers, today's lesson is on Metasploit and how we can hack Android with a Metasploit payload. So let's get started!! As always, this post is for…
#career… Set up some Honeypots and a Threat Map 2 Sep 201917 Sep 2019 Welcome back my fellow ethical hackers. Remember, the contents in this post is for educational purposes and should only be used for ethical reasons, so with that caveat, let's get…
AppSec… Securing Your Crypto Wallet 22 Aug 201917 Nov 2019 by Areeb Soo Yasir · Published · 2019-08-22 Why the world misses out on basic user-based security and isolation. When it came time to create my CryptocurrencyOS, based on Linux…
AppSec… Write a Ping Sweeper in 4 Lines of Bash 21 Aug 201918 Nov 2019 What we will do today is write a script that will ping a certain IP range and tell us which IP's respond to our ICMP requests. In other words we…
#career… Linux Foundation Go Cloud Native Training Bundle Sale 12 Aug 2019 Cloud native technology has a faster deployment time, improved scalability and cloud portability. This explains why cloud native skills are some of the most in-demand in the industry. To help you…
#career… SysAdmin Day Sales – The Linux Foundation 16 Jul 201916 Jul 2019 To celebrate Sysadmin Day, starting July 16th we’re offering all our IT certification and prep course bundles for only $325 each! We’ll also throw in a bonus course, regularly priced…
#career… June Deals: 70% Off Linux Foundation Bundles 16 Jun 201916 Jun 2019 For a limited time, get in-depth training in the open source technologies that matter most with one of our career training bundles - only $349 each - for a 70%…
AppSec… Set Up A Penetration Testing Lab Easily With Vagrant 30 May 201915 Nov 2019 Today we will be looking at a neat little command line tool called Vagrant. This tool allows us to deploy virtual machines seamlessly and we are going to show you…
AppSec… ProxyChains For Anonymity 29 May 201926 Nov 2019 Introduction Proxychains is an incredibly useful tool that is incredibly poorly documented. In this tutorial, we will cover using proxychains and SSH to connect to a multihomed device (like a…
AppSec… Enabling Monitor Mode & Packet Injection on the Raspberry Pi 20 May 201920 May 2019 By Kodyhttps://null-byte.wonderhowto.com/how-to/enable-monitor-mode-packet-injection-raspberry-pi-0189378/The Raspberry Pi Zero W and Pi 3 Model B+ include integrated Wi-Fi, Bluetooth Low Energy, and more than enough power to run Kali Linux. They sound like perfect…
AppSec… New Exploits for Insecure SAP Systems 6 May 201918 May 2019 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this activity alert in response to recently disclosed exploits that target insecure configurations of SAP components. REGISTER TODAY FOR YOUR…
#career… Best Linux Distros for Ethical Hacking and Penetration Testing 1 May 20191 May 2019 Here is a list of some top Linux distro for ethical hacking and penetration testing that will surely help you to pick one that best fits your need. Kali Linux:…
#career… Malware Analysis With Valkyrie 22 Apr 201914 Oct 2019 Valkyrie is a malware analysis tool that's free for you for a year to try out. You can visit https://valkyrie.comodo.com to sign up. Once you sign up you will presented…
AppSec… Adblock Plus filter lists may execute arbitrary code 15 Apr 201915 Apr 2019 A new version of Adblock Plus was released on July 17, 2018. Version 3.2 introduced a new filter option for rewriting requests. A day later AdBlock followed suit and released…
AppSec… Emotet The Banking Trojan 11 Apr 2019 Emotet is a kind of malware originally designed as a banking Trojan aimed at stealing financial data, but it’s evolved to become a major threat to users everywhere. Let’s talk…
#career… Create An SQL Backdoor 7 Apr 20197 Apr 2019 SQL Malware affects a variety of database-driven applications, including but not limited to web applications, services, and desktop applications. This breed of malware is made possible by the SQL functionality for triggers and stored sub-procedures. Notice: SQL malware persists beyond deletion of rows…
#Metasploit… NetBIOS Auxiliary Modules 26 Mar 201927 Mar 2019 Full article: https://www.offensive-security.com/metasploit-unleashed/scanner-netbios-auxiliary-modules/ nbname The nbname auxiliary module scans a range of hosts and determines their hostnames via NetBIOS. msf > use auxiliary/scanner/netbios/nbname msf auxiliary(nbname) > show options Module options (auxiliary/scanner/netbios/nbname): Name…
AppSec… SMB Exploited 14 Mar 201916 Nov 2019 Server Message Block (SMB) is the transport protocol used by Windows machines for a wide variety of purposes such as file sharing, printer sharing, and access to remote Windows services.…
AppSec… Ghidra – First impressions of the NSA Reverse Engineering Tool 13 Mar 201910 Oct 2019 Ghidra is a reverse engineering tool, written in Java, that was recently open-sourced by the National Security Agency (NSA). You can find the Github page here and the download link…
AppSec… Exploiting XXE Vulnerabilities 5 Mar 201927 Nov 2019 By Chris Davis XXE (XML External Entity) attacks happen when an XML parser improperly processes input from a user that contains an external entity declaration in the doctype of an…
AppSec… CSRF Code Examples and Defense 3 Mar 20193 Mar 2019 CSRF is an attack that tricks the victim into submitting a malicious request. It inherits the identity and privileges of the victim to perform an undesired function on the victim's…
#career… Web Application Security 21 Feb 201925 Feb 2019 WHAT IS WEB APPLICATION SECURITY Web application security is the process of protecting websites and online services against different security threats that exploit vulnerabilities in an application’s code. Common targets…
AppSec… VFEmail Suffers ‘Catastrophic’ Hack 13 Feb 2019 Email company VFEmail suffered what they call a "catastrophic" hack that destroyed their primary and backup data for the U.S. The firm’s founder says he now fears some 18 years’…
Android Security… It’s Time To take back Our Internet 20 Jan 201920 Jan 2019 Tim Berners Lee was recently awarded the Turing Award (The ACM A.M. Turing Award is an annual prize given by the Association for Computing Machinery (ACM) to "an individual selected…
