#Metasploit… Gaining Access to Windows10 Through VLC Exploit 14 Nov 201920 Nov 2019 VLC is a free and open source cross-platform multimedia player and framework that plays most multimedia files as well as DVDs, Audio CDs, VCDs, and various streaming protocols. Today we…
AppSec… Import VirtualBox Images to GNS3 1 Nov 20197 Nov 2019 This is the second post of our GNS3 tutorials, today we will look at how to import a VirtualBox image into GNS3. If you haven't installed GNS3 yet or downloaded…
Attacks… Crack WPA Handshake using Aircrack with Kali Linux 29 Oct 201930 Oct 2019 Today's tutorial will be looking into how you can crack the password of the 4 way handshake of someone that is re-authenticating themselves to a wireless router. The goal is…
AppSec… XML External Entity (XXE) Vulnerability 14 Oct 201927 Oct 2019 According to OWASP, an XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to…
#career… Linux Foundation Development 8 Oct 20198 Oct 2019 As most readers will know, learning Linux is an integral part of the software development process. Since most servers around the world run on Linux it is vital for your…
AppSec… Movies Featuring the Nmap Security Scanner 6 Oct 201930 Oct 2019 The Nmap Security Scanner has appeared in many major motion pictures (as well as more obscure films). This gallery provides screen shots and details for each movie. Source: Movies Featuring…
Attacks… Reverse Engineering Router Firmware 3 Oct 201911 Oct 2019 Reverse engineering, also called back engineering, is the process by which a man-made object is deconstructed to reveal its designs, architecture, or to extract knowledge from the object; similar to…
Attacks… Create a Backdoor Shell in Python 28 Sep 201920 Nov 2019 So we've delved into Python before, but this post should be a bit more interesting. What we will do today is write a backdoor in Python and if you manage…
#Metasploit… Exploiting Routers With Routersploit 26 Sep 20195 Oct 2019 If you have Wi-Fi at home, then you have a router, this is how you get your internet access. Today we will be looking a piece of software that allows…
Attacks… Find Vulnerable Devices On The Internet With Shodan 9 Sep 201923 Sep 2019 Welcome back to LSB and thanks for reading. Today we will be looking at how to search for vulnerable devices around the world using Shodan. Shodan is an index of…
#career… Hacking Android With Metasploit 4 Sep 20197 Sep 2019 Good morning/evening/night my fellow hackers, today's lesson is on Metasploit and how we can hack Android with a Metasploit payload. So let's get started!! As always, this post is for…
#career… SysAdmin Day Sales – The Linux Foundation 16 Jul 201916 Jul 2019 To celebrate Sysadmin Day, starting July 16th we’re offering all our IT certification and prep course bundles for only $325 each! We’ll also throw in a bonus course, regularly priced…
#career… June Deals: 70% Off Linux Foundation Bundles 16 Jun 201916 Jun 2019 For a limited time, get in-depth training in the open source technologies that matter most with one of our career training bundles - only $349 each - for a 70%…
AppSec… Set Up A Penetration Testing Lab Easily With Vagrant 30 May 201915 Nov 2019 Today we will be looking at a neat little command line tool called Vagrant. This tool allows us to deploy virtual machines seamlessly and we are going to show you…
AppSec… Enabling Monitor Mode & Packet Injection on the Raspberry Pi 20 May 201920 May 2019 By Kodyhttps://null-byte.wonderhowto.com/how-to/enable-monitor-mode-packet-injection-raspberry-pi-0189378/The Raspberry Pi Zero W and Pi 3 Model B+ include integrated Wi-Fi, Bluetooth Low Energy, and more than enough power to run Kali Linux. They sound like perfect…
#career… OWASP A2: Broken Authentication and Session Management Cause and Prevention 12 May 201912 May 2019 Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts Application Specific Exploitability AVERAGE Prevalence WIDESPREAD Detectability AVERAGE Impact SEVERE Application / Business Specific Consider anonymous external attackers, as well…
#career… Best Linux Distros for Ethical Hacking and Penetration Testing 1 May 20191 May 2019 Here is a list of some top Linux distro for ethical hacking and penetration testing that will surely help you to pick one that best fits your need. Kali Linux:…
#Metasploit… NetBIOS Auxiliary Modules 26 Mar 201927 Mar 2019 Full article: https://www.offensive-security.com/metasploit-unleashed/scanner-netbios-auxiliary-modules/ nbname The nbname auxiliary module scans a range of hosts and determines their hostnames via NetBIOS. msf > use auxiliary/scanner/netbios/nbname msf auxiliary(nbname) > show options Module options (auxiliary/scanner/netbios/nbname): Name…
AppSec… Exploiting XXE Vulnerabilities in IIS/.NET 5 Mar 20195 Mar 2019 By Chris Davis XXE (XML External Entity) attacks happen when an XML parser improperly processes input from a user that contains an external entity declaration in the doctype of an…
AppSec… CSRF Code Examples and Defense 3 Mar 20193 Mar 2019 CSRF is an attack that tricks the victim into submitting a malicious request. It inherits the identity and privileges of the victim to perform an undesired function on the victim's…
#career… New Year Linux Foundation Deals 23 Dec 20188 Oct 2019 As usual we have amazing new deals on Linux Foundation certificates and courses. Sign on and use your own pace to finish the course. Perfect for a boring January and…
AppSec… Create a Backdoor with Cryptcat 23 Dec 2018 In this tutorial, I'll introduce you to netcat's popular cousin, cryptcat (she's actually much cuter and more exotic than the plain netcat). Cryptcat enables us to communicate between two systems and encrypts…
#career… Pivoting the Network 18 Dec 201815 Mar 2019 What is Pivoting? Pivoting is the unique technique of using an instance (also referred to as a ‘plant’ or ‘foothold’) to be able to move around inside a network. Basically…
Cyber Security… Veil – AV Evasion – Set Up and Tutorial 17 Dec 2018 Veil-Evasion is a tool designed to generate metasploit payloads that bypass common anti-virus solutions. NOTE: ./setup/setup.sh should be re-run on every major version update. If you receive any major errors on running…
#career… Pwned 10 Dec 201823 Jan 2019 Let[s] talk a little about this box. In this HTB machine we will see only one port is open and that will be the http one , we will fireup the dirbuster…
AppSec… SQL Injection Attacks 20 Nov 2018 A customer asked that we check out his intranet site, which was used by the company's employees and customers. This was part of a larger security review, and though we'd…
#Metasploit… Payload in PDF 12 Nov 2018 Infected PDFs have always been a privileged way to infect users because this document format is very common and used by almost everyone. Moreover, it exists many ways to exploit Acrobat Reader…
#career… Now Is The Time, Linux is the Direction 11 Nov 201824 Jan 2019 Your future matters to us @ LSB, so get into Linux and see the new world it will open for you. Created by QuBits 2018-11-11
#career… Linux Foundation Deals For LSB Followers 25 Oct 2018 We are delighted to be able to team up with The Linux Foundation to bring you some great deals on amazing Linux courses and materials. All courses, on completion is…
AppSec… OWASP Security Shepherd- Session Management Challenge One – Solution – LSB 12 Oct 201812 Oct 2018 We have another solution in the OWASP Security Shepherd challenges and we enjoyed completing this one. You can find out about Session Management from OWASP here. So let's get on…
AppSec… Penetration Testing – Complete Guide 10 Oct 201810 Dec 2018 What is Penetration Testing? It’s the process to identify security vulnerabilities in an application by evaluating the system or network with various malicious techniques. The weak points of a system…
Attacks… The Evil Twin Attack 8 Oct 201829 Oct 2019 I searched through many guides, and none of them really gave good description of how to do this. There’s a lot of software out there (such as SEToolkit, which can…
AppSec… OWASP Security Shepherd – Failure To Restrict Access Solution – LSB 27 Sep 201827 May 2019 Am I Vulnerable To 'Failure to Restrict URL Access'? The best way to find out if an application has failed to properly restrict URL access is to verify every page. Consider for…
AppSec… OWASP Security Shepherd – Insecure Cryptographic Storage Challenge 1 Solution – LSB 21 Sep 2018 Thanks for visiting and today we have another OWASP Security Shepherd Solution for you. This time it's the Insecure Cryptographic Storage Challenge. Cryptography is usually the safest way to communicate…
AppSec… OWASP Security Shepherd – SQL Injection Solution – LSB 15 Sep 201819 Sep 2019 A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data…
AppSec… Create a Persistent Back Door with Kali, Netcat and Weevely 13 Sep 201811 Oct 2019 This post will dive into how we can take advantage of a vulnerability in a web application to gain access and upload a backdoor that we can connect to in…
AppSec… OWASP Security Shepherd – Cross Site Scripting One Solution – LSB 12 Sep 201812 Sep 2018 Welcome back to LSB my budding hackers. Today's lesson is about Cross Site Scripting (Or XSS). Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected…
AppSec… OWASP Security Shepherd – Insecure Direct Object Reference Solution – LSB 10 Sep 2018 Welcome back to the Security Shepherd solutions from LSB. This was quite an interesting puzzle and it took a few tries to get the key. Insecure Direct Object Reference (called IDOR from here) occurs when…
AppSec… OWASP Security Shepherd – Failure To Restrict Access Solution – LSB 7 Sep 20187 Sep 2018 What is Failure to Restrict URL Access Vulnerability/Threat? Failure to restrict URL access occurs in applications hide functionality from non-privileged users. In an application that fails to restrict URL access, administration…
