Android… Best Ad Blocker Apps For Android 11 Nov 201811 Nov 2018 By Khaled Shariar - LAST UPDATED: August 10, 2018 Want to get rid of annoying ads? Check out the following ad blocker for android to stop seeing ads on Android.…
#career… Linux Foundation Deals For LSB Followers 25 Oct 2018 We are delighted to be able to team up with The Linux Foundation to bring you some great deals on amazing Linux courses and materials. All courses, on completion is…
AppSec… OWASP Security Shepherd- Session Management Challenge One – Solution – LSB 12 Oct 201812 Oct 2018 We have another solution in the OWASP Security Shepherd challenges and we enjoyed completing this one. You can find out about Session Management from OWASP here. So let's get on…
AppSec… Penetration Testing – Complete Guide 10 Oct 201810 Dec 2018 What is Penetration Testing? It’s the process to identify security vulnerabilities in an application by evaluating the system or network with various malicious techniques. The weak points of a system…
AppSec… OWASP Security Shepherd – Failure To Restrict Access Solution – LSB 27 Sep 201827 May 2019 Am I Vulnerable To 'Failure to Restrict URL Access'? The best way to find out if an application has failed to properly restrict URL access is to verify every page. Consider for…
AppSec… OWASP Security Shepherd – Insecure Cryptographic Storage Challenge 1 Solution – LSB 21 Sep 2018 Thanks for visiting and today we have another OWASP Security Shepherd Solution for you. This time it's the Insecure Cryptographic Storage Challenge. Cryptography is usually the safest way to communicate…
AppSec… OWASP Security Shepherd – SQL Injection Solution – LSB 15 Sep 201819 Sep 2019 A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data…
AppSec… Create a Persistent Back Door with Kali, Netcat and Weevely 13 Sep 201815 Aug 2020 This post will dive into how we can take advantage of a vulnerability in a web application to gain access and upload a backdoor that we can connect to in…
AppSec… OWASP Security Shepherd – Cross Site Scripting One Solution – LSB 12 Sep 201812 Sep 2018 Welcome back to LSB my budding hackers. Today's lesson is about Cross Site Scripting (Or XSS). Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected…
AppSec… OWASP Security Shepherd – Insecure Direct Object Reference Solution – LSB 10 Sep 2018 Welcome back to the Security Shepherd solutions from LSB. This was quite an interesting puzzle and it took a few tries to get the key. Insecure Direct Object Reference (called IDOR from here) occurs when…
AppSec… OWASP Security Shepherd – Failure To Restrict Access Solution – LSB 7 Sep 20187 Sep 2018 What is Failure to Restrict URL Access Vulnerability/Threat? Failure to restrict URL access occurs in applications hide functionality from non-privileged users. In an application that fails to restrict URL access, administration…
AppSec… AV evading with Veil 29 Aug 201822 Nov 2019 One of the most important issues any hacker must address is how to get past security devices and remain undetected. These can include antivirus software, intrusion detection systems, firewalls, web…
Android Security… How To Find And Delete Where Google Knows You’ve Been 14 Aug 201814 Aug 2018 Even if “Location History” is off on your phone, Google often still stores your precise location Here are some things you can do to delete those markers and keep your location…
AppSec… W3af walkthrough and tutorial 9 Aug 20189 Aug 2018 w3af (Web Application audit and attack framework) is a framework for auditing and exploitation of web applications. In this series of articles we will be looking at almost all the…
#career… National SysAdmin Appreciation Day! 25 Jul 2018 Reward yourself with discounted training & certifications! 2 courses and 1 certification in each bundle: $325 each! We'll even give you a free T-shirt with every purchase! We are an independent…
AppSec… The Best Hacking Books 2018 25 Jul 201825 Jul 2018 BY HACKING TUTORIALS ON FEBRUARY 2, 2018 One of the most popular and most asked questions since I’ve started this blog is if I can recommend some good hacking books to read…
AppSec… Python Scripting For The Ethical Hacker 21 Jun 20188 Sep 2019 Welcome back, my greenhorn hackers!I began this series on scripting awhile back to teach all aspiring hackers how to write some basic scripts for hacking and reconnaissance. Without developing some basic scripting skills,…
AppSec… XSS in Canopy login page 21 Jun 201821 Jun 2018 [Description] CheckSec Canopy 3.x before 3.0.7 has stored XSS via the Login Page Disclaimer, allowing attacks by low-privileged users against higher-privileged users.This instance of stored cross-site scripting (XSS) vulnerability could…
AppSec… Stealing Signal Conversations from a MacBook 27 May 2018 Developed by Open Whisper Systems, Signal is a free, open-source encrypted communications app for both mobile and desktop devices that allows users to make voice calls, send instant messages, and even make…
AppSec… Setting Up A Snort IDS on Debian Linux 24 May 2018 Malicious network traffic (such as worms, hacking attempts, etc.) has certain patterns to it. You could monitor your network traffic with a sniffer and look for this malicious traffic manually…
AppSec… Password cracking with John the Ripper 24 May 201810 Feb 2019 Introduction For those of you who haven't yet heard about John the Ripper (hereby called John for brevity), it is a free password cracking tool written mostly in C. Before…
AppSec… Spamming Facebook Messages 3 Jan 201811 Apr 2018 We have reported this bug to Facebook and they replied asking "How is this different than hitting the message button?" If you want to spam everyone in the World that…
AppSec… OWASP – A2 – Broken Authentication and Session Management – LSB 24 Nov 201729 Jun 2018 Threat Agents Consider anonymous external attackers, as well as users with their own accounts, who may attempt to steal accounts from others. Also consider insiders wanting to disguise their actions.…
AppSec… Exploiting CSRF under NoScript Conditions 22 Nov 201716 Mar 2019 CSRFs -- or Cross-Site Request Forgery vulnerabilities -- occur when a server accepts requests that can be “spoofed” from a site running on a different domain. The attack goes something like this:…
AppSec… A Guide to Not Getting Hacked 20 Nov 20175 Mar 2019 Hackers steal hundreds of millions of passwords in one swoop and occasionally cause large-scale blackouts. The future is probably not going to get better, with real-life disasters caused by internet-connected knick-knacks, smart home robots that could kill…
AppSec… On Web Extensions shortcomings and their impact on add-on security 12 Nov 201712 Nov 2017 Recently, I reported a security issue in the new Firefox Screenshots feature (fixed in Firefox 56). This issue is remarkable for a number of reasons. First of all, the vulnerable code was…
AppSec… OWASP Security Shepherd – Security Misconfiguration – Solution – LSB 2 Nov 201712 Dec 2019 Welcome back to another OWASP Security Shepherd solution. This challenge is called Security Misconfiguration. So we are given a Username and Password field and we can get the result key…
AppSec… you.dj Unlock The Sampler 30 Oct 201710 Aug 2018 If you've ever used the DJ application you.dj as a normal user you will have used the sampler to add various sounds to your mixes. But as a normal user…
AppSec… Owasp Security Shepherd – Poor Data Validation – Solution – LSB 8 Sep 201710 Jun 2019 Welcome hackers to a new OWASP Security Shepherd solution. The challenge in question is the Poor Data Validation and this happens when data is only checked on the client side.…
AppSec… How to Hijack Web Browsers Using BeEF 28 Aug 20177 Nov 2017 Welcome back my fellow hackers! Today we’re going to be introducing a new tool for hacking web browsers. Often times, we will need to exploit a variety of vulnerabilities associated…
AppSec… Installing Security Shepherd on VMWare Workstation 12 Player 21 Aug 201726 Jul 2018 In this post we will install Security Shepherd. A vulnerable web app for us to hack. You can download the ISO image here. Once you download the software, depackage it,…
AppSec… Security Shepherd Solutions 20 Aug 201715 Oct 2018 The OWASP Security Shepherd project is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic.…
AppSec… How to install WebGoat on Ubuntu 27 Apr 201727 Apr 2017 WebGoat is a deliberately insecure, Java web application designed for the sole purpose of teaching web application security lessons. The officially-stated aim is to enable developers to “test vulnerabilities commonly…
Android… Resources for Rooting your Android Device 11 May 201625 Jun 2020 As Android matures, the wide-open style of root access we may have grown used to with legacy versions has gone away. Because Android is designed for mobile devices, the focus…
AppSec… Pen Testing Web Browsers With BeEF 14 Mar 201628 Nov 2019 BeEF was developed by a group of developers led by Wade Alcorn. Built on the familiar Ruby on Rails platform, BeEF was developed to explore the vulnerabilities in browsers and…
#career… SQLMap – Testing With SQL Injection 12 Mar 20168 Oct 2021 Sqlmap is included in pen testing linux distros like kali linux, backtrack, backbox etc. On other distros it can be simply downloaded from the following url: http://sqlmap.org/. Since its written…
#Metasploit… Metasploit for the Aspiring Ethical Hacker, Part 1 1 Mar 201614 May 2019 Metasploit was developed by HD Moore as an open source project in 2003. Originally written in Perl, Metasploit was completely rewritten in Ruby in 2007. In 2009, it was purchased…
AppSec… Defending against CSRF Attacks 11 Feb 201626 Aug 2019 Cross-Site Request Forgery, or CSRF for short is a common and regular online attack. CSRF also goes by the acronym XSRF and the phrase “Sea-Surf”. CSRF attacks include a malicious…
#career… Sniffing Access Points and Mac Addresses Using Python 4 Feb 201625 Aug 2019 Well, once again it’s time to do something interesting using python and reveal the power of python programming. We will learn how to use a library in python called Scapy.…
#Metasploit… Exploring the Hacker Tools of Mr. Robot 15 Sep 201525 Aug 2019 Over the years the most famous hacking tool that has made it into the movies is Nmap. When producers of a movie actually try to put a dose of reality…
Linux Security Blog 