Skip to content

Linux Security Blog

How Hackers Work

Search
  • Home
  • Shep Tutorials
    • Set Up Security Shepherd On VMWare
    • Failure To Restrict Access – Solution
    • Insecure DOR – Solution
    • Poor Data Validation – Solution
    • Security Misconfiguration – Solution
    • Insecure Direct Object Reference 2 Solution
    • Cross Site Scripting One Solution
    • SQL Injection Solution
    • OWASP Security Shepherd – Failure To Restrict Access Solution
    • Session Management Challenge One – Solution
  • GNS3 Series
    • Install GNS3 2.2 on Windows10 | Download Link Included
    • Import VirtualBox Images to GNS3
  • Python Series
    • Part I
    • Part II
  • About

Tag: Hacking

AppSec…

Create a Persistent Back Door with Kali, Netcat and Weevely

13 Sep 201815 Aug 2020
This post will dive into how we can take advantage of a vulnerability in a web application to gain access and upload a backdoor that we can connect to in…
#Metasploit…

Metasploit for the Aspiring Ethical Hacker, Part 3 (Payloads) – LSB

5 Dec 20176 Dec 2017
As you know, Metasploit is an exploitation framework that every hacker should be knowledgeable of and skilled at. It is one of my favorite hacking tools available. Let's take a closer look…
Attacks…

Nmap Scripts for Recon

5 Dec 201727 Dec 2018
These Nmap NSE Scripts are all included in standard installations of Nmap. Use them to gather additional information on the targets you are scanning. The information can both add context…
Attacks…

Metasploit for the Aspiring Ethical Hacker, Part 2

1 Dec 201729 Jan 2019
Part 1 is here: https://linuxsecurityblog.com/2016/03/01/metasploit-for-the-aspiring-ethical-hacker-part-1/ In this second tutorial, we will look at some of the basic commands we can use in Metasploit. Although the Metasploit framework can appear daunting to…
Attacks…

Hackers can bypass new protections in MacOS High Sierra

29 Nov 201729 Nov 2017
MacOS High Sierra protections can be bypassed, but will make security researchers and companies work more difficult Hackers can bypass a new security feature in MacOS High Sierra to load…
Cloud Security…

Create Your Own VPN with AWS

24 Nov 201723 May 2019
Internet users are spoiled for choice when it comes to VPN services, but they either require a monthly subscription, aren’t secure, or are just plain slow. Thankfully, alternatives do exist.…
AppSec…

OWASP – A2 – Broken Authentication and Session Management – LSB

24 Nov 201729 Jun 2018
Threat Agents Consider anonymous external attackers, as well as users with their own accounts, who may attempt to steal accounts from others. Also consider insiders wanting to disguise their actions.…
Cyber Security…

LSB Afilliate Programs

22 Nov 201728 Nov 2017
I thank each and every one of you for visiting my blog, you are the reason we are still able to keep LSB alive. As you may or may not…
AppSec…

Exploiting CSRF under NoScript Conditions

22 Nov 201716 Mar 2019
CSRFs -- or Cross-Site Request Forgery vulnerabilities -- occur when a server accepts requests that can be “spoofed” from a site running on a different domain. The attack goes something like this:…
AppSec…

A Guide to Not Getting Hacked

20 Nov 20175 Mar 2019
Hackers steal hundreds of millions of passwords in one swoop and occasionally cause large-scale blackouts. The future is probably not going to get better, with real-life disasters caused by internet-connected knick-knacks, smart home robots that could kill…
Attacks…

Set up a Honeypot on AWS

8 Nov 20178 Nov 2017
If you’re aspiring to become a professional in the field of computer security, wish to understand further the current threat landscape or simply want to have a play around with…

RSS ls -a /Zer0Days

  • [webapps] pfBlockerNG 2.1.4_26 - Remote Code Execution (RCE) 20 Feb 2023
  • [remote] SmartRG Router SR510n 2.6.13 - Remote Code Execution 11 Nov 2022
  • [webapps] CVAT 2.0 - Server Side Request Forgery 11 Nov 2022
  • [local] IOTransfer V4 - Unquoted Service Path 11 Nov 2022
  • [remote] AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 - Path Traversal 11 Nov 2022

Follow Us

  • Twitter
  • Facebook
  • Tumblr
  • Reddit

RSS Crypto News

  • An error has occurred; the feed is probably down. Try again later.

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 2,439 other subscribers

ls /categories

AppSec Attacks Bugs Cryptography Cyber Security Education Encryption Entertainment Exploits Hacking Linux Open Source Operating Systems OWASP Penetration Testing Privacy Security Technology Tips Tutorials

ls /comments

dark92i (@dark92i) on The Hidden Wiki
Foster Eli on Best Darkweb Links
crypstalk21 on Securing Your Crypto Wallet
kioptrix vm on PenTesting: Gaining Root Privi…
Johnny Dickman (@Dar… on The Darknet 2019
XXS Attack – P… on Payload in PDF

ls -a -v /community

ls /MostVisited

  • Write a Ping Sweeper in 4 Lines of Bash
    Write a Ping Sweeper in 4 Lines of Bash
  • Best Darkweb Links
    Best Darkweb Links
  • Crack WPA Handshake using Aircrack with Kali Linux
    Crack WPA Handshake using Aircrack with Kali Linux
  • Payload in PDF
    Payload in PDF
  • BlueKeep - Exploit Windows (RDP Vulnerability) Remotely
    BlueKeep - Exploit Windows (RDP Vulnerability) Remotely
  • Find Vulnerable Devices On The Internet With Shodan
    Find Vulnerable Devices On The Internet With Shodan
  • Import VirtualBox Images to GNS3
    Import VirtualBox Images to GNS3
  • How to install WebGoat on Ubuntu
    How to install WebGoat on Ubuntu
  • CSRF Code Examples and Defense
    CSRF Code Examples and Defense
  • OWASP Security Shepherd - Security Misconfiguration - Solution - LSB
    OWASP Security Shepherd - Security Misconfiguration - Solution - LSB

ls /Archives

Follow Linux Security Blog on WordPress.com

We Use Social Media

  • Twitter
  • Reddit
  • Facebook
  • Tumblr
  • Pinterest
  • YouTube
Create a website or blog at WordPress.com
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy
  • Follow Following
    • Linux Security Blog
    • Join 270 other followers
    • Already have a WordPress.com account? Log in now.
    • Linux Security Blog
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar