What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-08-13 06:40:03 | Dradis: Reporting and Collaboration Tool (lien direct) | Hello friends, today in this article we are going to familiarize you with one of the most vital tools of kali that everybody needs in today's era. Eliminating bugs or finding any issue, is used to cover by everyone in their journey of pentesting. But apart from this one should also want to indulge ownself... Continue reading → | Tool | ||
|
2019-07-26 07:18:05 | Comprehensive Guide to Steghide Tool (lien direct) | In this article, we’ll learn about Steghide. There are various steganography tools available but the part that differentiates it is that it uses a variety of algorithms to encrypt the data. Moreover, Steghide supports to hide data behind any image(jpg/jpeg/png/gif/bmp), audio (mp3/wav), excel, etc. Table of Content Introduction to Steganography Introduction to Steghide Features Installation... Continue reading → | Tool | ||
|
2019-07-21 16:46:05 | ExifTool : A Meta-Data Extractor (lien direct) | In this article, we'll discover various methods to read, write and manipulate the meta-data information recorded in a variety of file types. In order to achieve this, we'll be using a tool known as “ExifTool”. EXIF is an acronym for Exchangeable Image File Format and it is a standard for the inclusion of metadata in... Continue reading → | Tool | ★★ | |
|
2019-07-14 17:14:05 | Retina: A Network Scanning Tool (lien direct) | In this article, we will learn how to use retina, “a vulnerability scanner” to our best of advantage. There are various network vulnerability scanners, but Retina is the industry's most powerful and effective vulnerability scanners. This network vulnerability scanning tool gives vulnerability assessment experience and generates full brief network vulnerability report. Table of content Introduction... Continue reading → | Tool Vulnerability | ||
|
2019-07-05 04:34:01 | Shellphish: A Phishing Tool (lien direct) | Shellphish is an interesting tool that we came across that illustrates just how easy and powerful phishing tools have become today. The tool leverages some of the templates generated by another tool called SocialFish. The tool offers phishing templates for 18 popular sites, the majority are focused on social media and email providers. There is... Continue reading → | Tool | ||
|
2019-06-12 15:53:03 | Cloakify-Factory: A Data Exfiltration Tool Uses Text-Based Steganography (lien direct) | In our previous post, we had already discussed on “Cloud Storage Uploads for data exfiltration” and today we are going to discussed “Concealed Method for Data Exfiltration” to extract the unauthorized data. Here you will learn how an intruder can exfiltrate data through steganography approach. Table of Content Overview About Data Exfiltration Cloakify Installation and... Continue reading → | Tool | ||
|
2019-06-10 07:36:04 | Evilginx2- Advanced Phishing Attack Framework (lien direct) | This is the successor of Evilginx 1, and it stays in-line with the MITM lineage. This tool is designed for a Phishing attack to capture login credentials and a session cookie. Table of Content Overview Setup Perquisites Installation Domain Setup Priming Evilginx Execution Lure Creation Attack Simulation Overview One of the biggest concerns in today’s... Continue reading → | Tool | ||
|
2019-05-07 13:52:02 | PowerCat -A PowerShell Netcat (lien direct) | The word PowerCat named from Powershell Netcat which is a new version of netcat in the form of the powershell script. In this article, we will learn about powercat which a PowerShell tool for is exploiting windows machines. Table of Content Requirement & Installations Testing PowerShell Communication Bind Shell Execute Shell Tunnelling or port forwarding... Continue reading → | Tool | ||
|
2019-04-16 06:13:04 | Command & Control: Ares (lien direct) | In this article, we will learn how to use Ares tool. This tool performs the Command and Control over the Web Interface. This tool can be found on GitHub. Table of Content: Introduction Installation Exploiting Target Command Execution Capturing Screenshot File Download Compressing Files Persistence Agent Clean Up Introduction Ares is a Python Remote Access... Continue reading → | Tool | ||
|
2019-04-14 06:30:02 | Command & Control: WebSocket C2 (lien direct) | In this article, we will learn how to use WebSocket C2 tool. It is also known as WSC2. Table of Content: Introduction Installation Exploiting Target Command Execution File Download Introduction WSC2 is primarily a tool for post-exploitation. WSC2 uses the WebSocket and a browser process. This serves as a C2 communication channel between an agent,... Continue reading → | Tool | ||
|
2019-04-04 16:19:02 | Kage: Graphical User Interface for Metasploit (lien direct) | Kage is a GUI for Metasploit RCP servers. It is a good tool for beginners to understand the working of Metasploit as it generates payload and lets you interact with sessions. As this tool is on the process of developing, till now it only supports windows/meterpreter and android/meterpreter. For it to work, you should have... Continue reading → | Tool | ||
|
2019-04-02 17:41:00 | dnscat2: Command and Control over the DNS (lien direct) | In this article, we learn DNS tunnelling through an amazing tool i.e. DNScat2 Table of Content : Introduction to DNS Introduction to DNScat Installation DNS tunnelling Conclusion Introduction to DNS The Domain Name System (DNS) associate's URLs with their IP address. With DNS, it’s conceivable to type words rather than a series of numbers into... Continue reading → | Tool | ||
|
2019-03-21 14:01:01 | Command & Control: Silenttrinity Post-Exploitation Agent (lien direct) | In this article, we will learn to use Silent Trinity tool to exploit windows. Table of content: Introduction Installation Windows exploitation Windows post exploitation Silent trinity to meterpreter Introduction Silent trinity is a command and control tool dedicated to windows. It is developed by byt3bl33d3r in python, iron python, C# and .net. as it is... Continue reading → | Tool | ||
|
2019-03-19 10:12:01 | Command & Control Tool: Pupy (lien direct) | In this article, we will learn to exploit Windows, Linux and Android with pupy command and control tool. Table of Content : Introduction Installation Windows Exploitation Windows Post Exploitation Linux Exploitation Linux Post Exploitation Android Exploitation Android Post Exploitation Introduction Pupy is a cross-platform, post exploitation tool as well as a multi-function RAT. It's written... Continue reading → | Tool | ||
|
2019-03-12 09:12:02 | Command and Control Guide to Merlin (lien direct) | In this article, we learn how to use Merlin C2 tool. It is developed by Russel Van Tuyl in Go language. Table of content: Introduction Installation Windows exploitation Windows post exploitation Linux exploitation Linux post exploitation Introduction Merlin is great cross platform Command and control tool written in Go language. It's made of two elements... Continue reading → | Tool | ||
|
2019-03-08 13:42:05 | nps_payload: An Application Whitelisting Bypass Tool (lien direct) | In this article, we will create payloads using a tool named nps_payload and get meterpreter sessions using those payloads. This tool is written by Larry Spohn and Ben Mauch. Find this tool on GitHub. Attacker: Kali Linux Target: Windows 10 Table of Content: Downloading and Installing Getting session using MSBuild Getting session using MSBuild HTA... Continue reading → | Tool | ||
|
2019-02-17 07:29:00 | TrevorC2 – Command and Control (lien direct) | TrevorC2 is command and control framework. It is a client/server model which works through a browser masquerading as C2 tool. It works on different time intervals which makes it almost impossible to be detected. This tool is coded in python but it's also compatible with c#, PowerShell, or any other platform. this is supported by... Continue reading → | Tool | ||
|
2019-01-26 07:46:05 | GreatSct – An Application Whitelist Bypass Tool (lien direct) | While wrting Applocker bypass series, we found a new tool which was especially design for bypassing whitelisting application. So Idecided to write this article where e are introducing another most interesting tool “Great SCT –A metasploit payload generator” tool which is similar to unicorn or msfvenom because it depeands on metasploit framework to provide reverse... Continue reading → | Tool | ||
|
2019-01-18 12:24:03 | Configure Sqlmap for WEB-GUI in Kali Linux (lien direct) | Hello everyone and welcome to this tutorial of setting up SQLMAP for web-gui. Web-GUI simply refers to the interface that a browser provides you over the http/https service. SQLMAP is a popular tool for performing SQL injection attacks on sites affected by mysql errors; be it an error based sql injection or hidden sql, sqlmap... Continue reading → | Tool | ||
|
2019-01-16 15:32:05 | Koadic – COM Command & Control Framework (lien direct) | Hello friends!! In this article we are introducing another most interesting tool “KOADIC – COM Command & Control” tool which is quite similar to Metasploit and Powershell Empire. So let's began with its tutorial and check its functionality. Table of Content Introduction to Koadic Installation of Koadic Usage of Koaidc Koadic Stagers Privilege Escalation with... Continue reading → | Tool | ||
|
2018-12-08 15:30:01 | Comprehensive Guide on Ncrack – A Brute Forcing Tool (lien direct) | In this article we will be exploring the topic of network authentication using Ncrack. Security professionals depends on Ncrack while auditing their clients. The tools is very simple, yet robust in what it offers a penetration tester. It was design to help the companies in securing their networks by analysis all their hosts and networking devices... Continue reading → | Tool | ||
|
2018-12-02 16:18:03 | Comprehensive Guide on Dymerge (lien direct) | Hello friends! This article is comprehensive guide on the Dymerge tool. This is a handy little tool that helps you manage all the dictionaries that you've created reading through our blog and using all the amazing tools we've written about. Table of Content What is Dymerge Installing and Launching Dymerge Standard Merge Fast Mode Removing... Continue reading → | Tool | ||
|
2018-11-27 16:58:01 | Comprehensive Guide on Pydictor – A wordlist Generating Tool (lien direct) | In this article we will explore another dictionary building tool “Pydictor”. These tools are always fun to work with, this is another robust tool perfect for generating custom dictionaries. The thing that stands out most about this tool is the customization options it offers, from the most common to the advance. Table of Content What... Continue reading → | Tool | ||
|
2018-11-26 17:27:02 | Comprehensive Guide on Cupp– A wordlist Generating Tool (lien direct) | Hello Friends!! Today we are going explore the function of Cupp which is an authoritative tool that creates a wordlist especially particular for a person that can be use while making brute force attack for guessing login credential. Table of Content Introduction to Cupp How Cupp Works Getting Started Generating Custom Dictionary Adding to Custom... Continue reading → | Tool | ||
|
2018-11-19 09:40:05 | Comprehensive Guide on Dirbuster Tool (lien direct) | In this article, we are focusing on transient directory using Kali Linux tool Dibuster and trying to find hidden files and directories within a web server. Table of Content What is DirBuster Default Mode GET Request Method Pure Brute Force (Numeric) Single Sweep (Non-recursive) Targeted Start Blank Extensions Search by File Type (.txt) Changing DIR... Continue reading → | Tool | ||
|
2018-11-17 14:42:05 | Comprehensive Guide on Cewl Tool (lien direct) | Hello Friends!! In this article we are focusing on Generating Wordlist using Kali Linux tool Cewl and learn more about its available options. Table of Content Introduction to Cewl Default Method Save Wordlist in a file Generating Wordlist of Specific Length Retrieving Emails from a Website Count the number of Word Repeated in a website... Continue reading → | Tool | ||
|
2018-11-14 14:11:02 | (Déjà vu) Comprehensive Guide on Medusa – A Brute Forcing Tool (lien direct) | Hello friends!! Today we are going to discuss – How much impactful Medusa is in cracking login credential of various protocols to make unauthorized access to a system remotely. In this article we have discussed each option available in Medusa to make brute force attack in various scenario. Table OF Content Introduction to Medusa and... Continue reading → | Tool | ||
|
2018-11-13 13:51:02 | Comprehensive Guide on Hydra – A Brute Forcing Tool (lien direct) | Hello friends!! Today we are going to discuss – How much impactful hydra is in cracking login credential of various protocols to make unauthorized access to a system remotely. In this article we have discussed each option available in hydra to make brute force attack in various scenario. Table of Content Introduction to hydra Multiple... Continue reading → | Tool | ||
|
2018-10-30 06:38:05 | Comprehensive Guide on MSFPC (lien direct) | Hello Friends!! As you all are aware of MSFvenom-A tool in Kali Linux for generating payload, is also available as MSFvenom Payload Creator (MSFPC) for generating various “basic” Meterpreter payloads via msfvenom. It is fully automating msfvenom & Metasploit is the end goal. MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple types of payloads, based... Continue reading → | Tool | ||
|
2018-10-23 16:26:02 | Shellter-A Shellcode Injecting Tool (lien direct) | Hey Folks! Welcome back to learning more of what you love to do. That is, evading security of other computer or network. You know that there are various tools to assist you in this. One of such tools is Shellter. Shellter is an active shellcode insertion tool. It effectively re-encodes payloads (here shellcode) to bypass... Continue reading → | Tool | ||
|
2018-10-19 14:39:01 | (Déjà vu) Comprehensive Guide on Gobuster Tool (lien direct) | Hello Friend!! Today we are going demontrate URLs and DNS brute force attack for extracting Directtories and files from inside URLs and subdomains from DNS by using “Gobuster-tool”. Table of Content Introuction & Installation Using Wordlist for Directory Brute-Force Obtaining Full Path for a directory or file Hide Status Code Verbose Mode Identify Content Length... Continue reading → | Tool | ||
|
2018-10-19 14:39:01 | (Déjà vu) Comprehensive Guide to Gobuster Tool (lien direct) | Hello Friend!! Today we are going demontrate URLs and DNS brute force attack for extracting Directtories and files from inside URLs and subdomains from DNS by using “Gobuster-tool”. Table of Content Introuction & Installation Using Wordlist for Directory Brute-Force Obtaining Full Path for a directory or file Hide Status Code Verbose Mode Identify Content Length... Continue reading → | Tool | ||
|
2018-10-15 18:08:02 | Magic Unicorn – PowerShell Downgrade Attack and Exploitation tool (lien direct) | Magic Unicorn is a simple tool for using a PowerShell downgrade attack and injects shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18. Table of Content Powershell Attack Instruction HTA Attack Instruction Macro Attack Instruction Download the unicorn... Continue reading → | Tool | ||
|
2018-10-15 07:05:04 | (Déjà vu) Comprehensive Guide to Dirb Tool (lien direct) | In this article, we are focusing on transient directory using Kali Linux tool DIRB and trying to find hidden files and directories within a web server. A path traversal attack is also known as “directory traversal” aims to access files and directories that are stored outside the web root folder. By manipulating variables with reference... Continue reading → | Tool | ||
|
2018-06-30 17:34:02 | 3 Ways Extract Password Hashes from NTDS.dit (lien direct) | Hello friends!! Today we are going to discuss some forensic tool which is quite helpful in penetration testing to obtain NTLM password hashes from inside the host machine. As we know while penetration testing we get lots of stuff from inside the host machine and if you found some files like NTDS.dit and system hive... Continue reading → | Tool |
To see everything:
Our RSS (filtrered)
