A Detailed Guide on Chisel
A Detailed Guide on ChiselBackground of Port forwarding:Port forwarding in a computer network, also known as port mapping of network address transition (NAT), redirects a communication request from...
View ArticleCredential Dumping – Active Directory Reversible Encryption
IntroductionAccording to MITRE an adversary may abuse Active Directory authentication encryption properties to gain access to credentials on Windows systems. The AllowReversiblePasswordEncryption...
View ArticlePython Serialization Vulnerabilities - Pickle
IntroductionSerialization gathers up the data from objects and converts them to a string of bytes, and writes to disk. The data can be deserialized and the original objects can be recreated. Many...
View ArticleFirefox Addons for Pentesting
Firefox Addons for PentestingIn this article, we will learn how to customise the Firefox browser for efficient pen-testing along with extensions you can use for the same purpose. Table of contents:·...
View ArticleBurpsuite for Pentester: Logger++
Burp Logger++: A Powerful Extension In this article, we’ll learn about a powerful Burp Extension cool tool called "Burp Logger++". It is like a super detective for websites, always on the lookout for...
View ArticleEasy way to Generate Reverse Shell
Easy Way to Generate Reverse ShellIn this article, we will learn how to get a reverse in few easy steps. Usually, the problem when reverse shell commands is to remember its long and complicating...
View ArticleBurpsuite for Pentester: Autorize
In order to protect online assets, web application security testing is an essential element of safeguarding them. Burp Suite has been a leader in this area for many years and it's still being used by...
View ArticleA Detailed Guide on Ligolo-Ng
This comprehensive guide delves into the intricacies of Lateral Movement utilizing Ligolo-Ng, a tool developed by Nicolas Chatelain. The Ligolo-Ng tool facilitates the establishment of tunnels through...
View Article64-bit Linux Assembly and Shellcoding
IntroductionShellcodes are machine instructions that are used as a payload in the exploitation of a vulnerability. An exploit is a small code that targets a vulnerability. Shellcodes are written in...
View ArticleBest Alternative of Netcat Listener
Pentesters rely on a variety of tools to establish connections and maintain access during security assessments. One critical component of their toolkit is the listener—a program that listens for...
View ArticleA Detailed Guide on RustScan
In the realm of cybersecurity, network scanning tools play a vital role in reconnaissance and vulnerability assessment. Among the array of options available, Rustscan has emerged as a formidable...
View ArticleA Detailed Guide on Pwncat
Pwncat stands out as an open-source Python tool highly regarded for its versatility, providing a contemporary alternative to the traditional netcat utility. Tailored for network exploration,...
View ArticleTomcat Penetration Testing
Apache Tomcat, developed by the Apache Software Foundation, is a widely used web server and servlet container. Originally, it served as a demonstration platform for Java Servlet and JavaServer Pages...
View ArticleJenkins Penetration Testing
Jenkins is an open-source automation server used for continuous integration (CI) and continuous delivery (CD). It's built on Java and utilizes a scripting platform for automation. Jenkins automates...
View ArticleDisk Group Privilege Escalation
Disk Group Privilege Escalation is a complex attack method targeting vulnerabilities or misconfigurations within the disk group management system of Linux environments. Attackers might focus on disk...
View ArticleExploiting Race Condition using Turbo Intruder
In web security, a race condition refers to a scenario where the behaviour of a web application is influenced by the sequence or timing of events, potentially leading to unintended security...
View ArticleReel HackTheBox Walkthrough
SummaryReel is a windows Active Directory machine and is considered as a hard box in HTB. This box stands out for its uniqueness, featuring a phishing scenario that is rarely found in other boxes....
View ArticleMSSQL for Pentester: NetExec
NetExec (nxc) is a powerful network exploitation tool developed as a modern successor to CrackMapExec (CME), which was widely used by penetration testers and red teamers. Earlier CrackMapExec was...
View ArticleA Detailed Guide on Feroxbuster
Feroxbuster is a robust tool designed to identify directories and files on web servers using brute-force techniques. It is frequently utilized in penetration testing and security evaluations to detect...
View ArticleOSINT : User Privacy in Linux
Linux telemetry involves gathering and sending data from a Linux-based system to an external server or service. The purpose of this process is often to monitor system performance, provide diagnostics,...
View Article