Wireless Penetration Testing: SSID Discovery
This article will depict “How to discover SSID for WiFi Network” using several tools designed for Windows and Linux platforms. SSID discovery is applicable in Wi-Fi hacking or penetration...
Metasploit for Pentester: Clipboard
In this series of articles, we will be focusing on the various mechanisms of the Metasploit Framework that can be used by Penetration Testers. Here, we will be discussing the External API...
Wireless Penetration Testing: Wifipumpkin3
Wifipumpkin3 is a framework built on Python that provides rogue access point attacks to red teamers and reverse engineers. In this article, we will look at how we can use this tool to create a bogus...
Metasploit for Pentester: Inject Payload into Executable
Staying hidden and undetected is the priority after anonymity. In this article, we are going to learn how to create an innocuous-looking backdoor and bind it with a legitimate executable file to gain...
Socat for Pentester
Socat is one of those kinds of tools that either you might not know at all, or if you know then you might know all the different kinds of stuff that you can do with it. While working with it, we felt...
Metasploit for Pentester: Migrate
In the continuation in this series of articles dedicated to the Metasploit Framework to provide an appropriate resource for Penetration Testers so that they can use the variety of the features present...
Metasploit for Pentester: Windows Hidden Bind Shell
In this article, we are going to cover the tactics of Hidden BIND TCP shellcode. Every organization has multiple scanning tools to scan their network and to identify the new or unidentified open ports....
Metasploit for Pentester: Creds
This is in continuation with the Metasploit for Pentester series of articles that we are presenting. More specifically we learned about the Workspaces and the Metasploit Database service in this...
Windows Privilege Escalation: SeImpersonate
In this article, we will be showcasing the process of creating a lab environment on an IIS Server running a Windows Server 2019 machine. After setting the IIS server, we will be focusing on the usage...
Kenobi TryHackMe Walkthrough
Today it is time to solve another challenge called “Kenobi”. It is available at TryHackMe for penetration testing practice. The challenge is of easy difficulty if you have the right basic knowledge and...
Burp Suite for Pentester: Repeater
Today, in this article, we’ll focus on the Repeater and its options featured by the Burp Suite Professional Version, which will help any Pentester to send the request inside the burp and observe its...
Nmap for Pentester: Dictionary Attack
In this article, we will showcase the Nmap Brute NSE Script for dictionary attacks, since Nmap is such a large tool that it can't be covered in one post. If you're wondering whether or not a...
MSSQL Penetration Testing: Nmap
To obtain basic information such as database names, usernames, names of tables, etc. from the SQL servers on the Windows operating system, we will execute penetration testing using Nmap scripts. MSSQL...
MSSQL for Pentester: Command Execution with xp_cmdshell
This article is in collection with the other two articles that we wrote about MSSQL Server and its Penetration Testing. In this article, we will be discovering and exploiting the security aspects of...
Simple CTF TryHackMe Walkthrough
Today it is time to solve another challenge called “Simple CTF”. It is available at TryHackMe for penetration testing practice. This challenge is of easy difficulty if you have the right basic...
MS-SQL for Pentester: Discovery
Microsoft SQL Server (MS-SQL) is a relational database manager created by Microsoft. Such management systems are used to engage databases with the user. And the Microsoft’s version SAQL adds on the set...
MSSQL for Pentester: Command Execution with Ole Automation
OLE automation is a process through which an application can access and manipulate the implied objects in other applications. Hence, in this article, we will see how to use OLE automation to our...
MSSQL for Pentester: Command Execution with CLR Assembly
In this article, we will learn all about CLR assembly functionality provided by Microsoft and how we can exploit it to our potential.
Table of Content:
· What is Common Language Runtime...
MSSQL for Pentester: Metasploit
In this article, we will learn in detail how to pentest MSSQL servers using the Metasploit framework.
Table of Content:
· Introduction
· Identify the Server
· Retrieve login...
MSSQL for Pentester: Impersonate
In this article, we will learn about the Impersonate feature that MSSQL servers offer. The earliest implementation of Impersonate was in SQL Server 7.0, released January 1993. This command is used to...