What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Blog.webp 2020-12-17 16:06:27 Android Hooking and SSLPinning using Objection Framework (direct link) Introduction Objection is runtime mobile exploration toolkit built on top of frida which is used in Android and iOS pentesting. We can use Objection to perform numerous functions like SSLPinning bypass, root detection bypass, performing memory tasks, heap tasks and more without even being root/ jailbroken. However, it is to be noted that to take... Continue reading →
Blog.webp 2020-12-16 11:45:40 Nmap for Pentester: Host Discovery (direct link) Nmap has become one of the most popular tools in network scanning by leaving other scanners behind. Many times the hosts in some organisations are secured using firewalls or intrusion prevention systems which result in the failure of scanning due to the present set of rules which are used to block network traffic. In Nmap,... Continue reading →
Blog.webp 2020-12-14 17:37:06 Comprehensive Guide on Autopsy Tool (Windows) (direct link) Autopsy is an open-source tool that is used to perform forensic operations on the disk image of the evidence. The forensic investigation that is carried out on the disk image is displayed here. The results obtained here are of help to investigate and locate relevant information. This tool is used by law enforcement agencies, local... Continue reading → Tool
Blog.webp 2020-12-07 17:57:22 Android Pentest Lab Setup & ADB Command Cheatsheet (direct link) Introduction To learn android pentest in a much handier way we'll be setting up Android Pentest environment in our own system rather than conducting an experiment on a live device. It is to be noted that these practicals can be conducted on a phone with USB debugging option on as well, but we'll be using... Continue reading →
Blog.webp 2020-12-06 17:02:03 Linux for Beginners: A Small Guide (Part 3) (direct link) Let's cover more advanced concepts and pick of where we left in part 2 of this article where we learned somehow to interact and manage network devices, discover the different process running on your system and getting a grip of the usage of environment variables. In this article, we'll be focusing on some advanced Linux... Continue reading →
Blog.webp 2020-12-04 15:48:12 Nmap for Pentester: Output Format Scan (direct link) Nmap which is also known as Network Mapper is one of the best open-source and the handiest tool that is widely used for security auditing and network scanning by pentesters. It also provides an additional feature where the results of a network scan can be recorded in various formats. Table of Contents Introduction- Scan Output... Continue reading → Tool
Blog.webp 2020-12-04 15:05:46 Linux for Beginners: A Small Guide (Part 2) (direct link) Let's dig in deeper from the previous concepts of part 1 of this article where we learned some basic day to day commands like navigating around the directories, creating files, copying them, commands to manipulate text on your terminal windows, installing software packages on your system and playing with file permissions. In this article, we'll... Continue reading →
Blog.webp 2020-12-04 09:04:21 (Déjà vu) Cybox: 1 VulnHub Walkthrough (direct link) Today we’re going to solve another boot2root challenge called “Cybox: 1“. It’s available at VulnHub for penetration testing practice. This lab is not difficult if we have the right basic knowledge to break the labs and are attentive to all the details we find during the reconnaissance. The credit for making this lab goes to... Continue reading →
Blog.webp 2020-12-02 09:38:39 Android Application Framework: Beginner's Guide (direct link) Android is a mobile operating system based on a modified version of the Linux kernel and other open-source software, designed primarily for touchscreen mobile devices such as smartphones and tablets. Android is developed by a consortium of developers known as the Open Handset Alliance and commercially sponsored by Google. In this article series we'll demonstrate... Continue reading →
Blog.webp 2020-12-01 08:29:58 Implementation of Firewall Policies :FortiGate (Part 2) (direct link) In the previous part, we have discussed some basic firewall policies that are must require to set up a firewall. Let's move towards some advance policies. You can access the previous article from Here: Implementation of Firewall Policies :FortiGate (Part 1) In this article, we are going to create some policies that is much required... Continue reading →
Blog.webp 2020-12-01 07:43:43 Implementation of Firewall Policies :FortiGate (Part 1) (direct link) In today's era whether your is for personal use or designated to a multi-billion-dollar enterprise, no doubt security should be the number priority out of all. A firewall acts like a barrier that keeps destructive forces away from computers and prevents a network from unauthorized access by enhancing the security devices connected to a network.... Continue reading →
Blog.webp 2020-11-28 14:59:26 (Déjà vu) Iron Corp TryHackMe Walkthrough (direct link) Today we’re going to solve another boot2root challenge called “Iron Corp“. It’s available at TryHackMe for penetration testing practice. This lab is not difficult if we have the right basic knowledge to break the labs and are attentive to all the details we find during the reconnaissance. The credit for making this lab goes to... Continue reading →
Blog.webp 2020-11-23 12:19:24 Password Dumping Cheatsheet: Windows (direct link) Introduction Password storing mechanism, ever since the genesis of Windows, has been an angle of interest from security researcher's point of view and its implementation has often been criticized. However, newer versions of Windows seem to have tried and tackled this problem in many parameters, but we still can't say that Windows' password storage mechanism... Continue reading →
Blog.webp 2020-11-22 16:23:38 Linux For Beginners: A Small Guide (direct link) More often than not, certain operating systems tend to get tied to certain tasks. When it comes to penetration testing, Linux based operating systems are always mapped to it. This article will help you get comfortable with the fundamentals of Linux. So let's start. Table of Content: Why use Linux for pentesting? The Basic Linux... Continue reading →
Blog.webp 2020-11-21 12:59:23 Router Penetration Testing (direct link) Introduction Embedded devices are an essential part of a network. In corporate environment as well as small home networks there is at least one router/switch and gaining access to it means gaining access to the whole network and needless to say, people don't like investing much money in these kinds of network devices and most... Continue reading →
Blog.webp 2020-11-21 06:44:17 Firewall Lab Setup : FortiGate (direct link) In the game of network security, you are either secure or you are not; there exists no middle ground. If a computer is connected to the Internet connection, it is vulnerable to online attacks. The only difference is some computers could be more susceptible than others. Table of Content Prerequisites What is Firewall Download FortiGate... Continue reading →
Blog.webp 2020-11-21 06:09:52 (Déjà vu) Ghizer TryHackMe Walkthrough (direct link) Today we’re going to solve another boot2root challenge called “Ghizer“. It’s available at TryHackMe for penetration testing practice. This lab is not difficult if we have the right basic knowledge to break the labs and are attentive to all the details we find during the reconnaissance. The credit for making this lab goes to stuxnet.... Continue reading →
Blog.webp 2020-11-19 13:05:38 Comprehensive Guide on XXE Injection (direct link) XML is a markup language that is commonly used in web development. It is used for storing and transporting data. So, today in this article, we will learn how an attacker can use this vulnerability to gain the information and try to defame web-application. XXE Testing Methodology: Introduction to XML Introduction to XXE Injection Impacts... Continue reading → Vulnerability ★★★★
Blog.webp 2020-11-18 13:06:19 DNScat2: Application Layer C&C (direct link) In today's world, IT infrastructure and network security devices are becoming more and more secure and hence, ports like 53 (DNS) is used as a communication channel between a client and a C2 server. In highly restricted environments, DNS always resolves domains. So, to serve our penetration testing purpose we might require a tool that... Continue reading → Tool
Blog.webp 2020-11-18 12:14:27 AlienVault: Threat Hunting/Network Analysis (direct link) What is threat hunting? The process of threat hunting involves proactively searching for malware or attackers that are hiding within a network. Rather than simply relying on security solutions or services to detect threats, threat hunting is a predictive element to a layered security strategy, empowering organizations to go on the offensive looking for threats.... Continue reading → Malware Threat
Blog.webp 2020-11-17 12:28:55 Comprehensive Guide on Honeypots (direct link) Honeypots are generally hardware or software that are deployed by the security departments of any organization to examine the threats that are possessed by the attackers. Honeypots usually act as baits for an organization to gather information on the attacker and alongside protect the real target system. Table of Contents What are Honeypots Working of... Continue reading →
Blog.webp 2020-11-17 05:39:54 (Déjà vu) 0day TryHackMe Walkthrough (direct link) Today we’re going to solve another boot2root challenge called “0day“. It’s available at TryHackMe for penetration testing practice. This lab is not difficult if we have the right basic knowledge to break the labs and are attentive to all the details we find during the reconnaissance. The credit for making this lab goes to MuirlandOracle... Continue reading →
Blog.webp 2020-11-15 15:09:17 The Server From Hell TryHackMe Walkthrough (direct link) In this article, we will provide the write-up of the Try Hack Me Room: The Server from hell. This is a write-up about a medium level boot to root Linux box which is available for free on TryHackMe for penetration testing practice. Let's get started and learn how to break it down successfully. Level: Medium... Continue reading → Hack
Blog.webp 2020-11-14 14:27:23 (Déjà vu) Revenge TryHackMe Walkthrough (direct link) Today we’re going to solve another boot2root challenge called “Revenge”. It’s available at TryHackMe for penetration testing practice. This lab is not difficult if we have the right basic knowledge to break the labs and are attentive to all the details we find during the reconnaissance. The credit for making this lab goes to Nameless0ne.... Continue reading →
Blog.webp 2020-11-13 16:17:43 HA: Sherlock Vulnhub Walkthrough (direct link) Here is the walkthrough of our very own Capture-the-flag, HA: Sherlock which is designed by our team at Hacking Articles. “HA: Sherlock” is a vulnerable machine based on the famous investigator Sherlock Holmes's journey on solving the Curious Case of Harshit’s murder! This is a Forensic based Capture-the-Flag and is not a Boot-to-Root. So, there... Continue reading →
Blog.webp 2020-11-13 07:59:20 (Déjà vu) Internal TryHackMe Walkthrough (direct link) Today we’re going to solve another boot2root challenge called “Internal”. It’s available at TryHackMe for penetration testing practice. This lab is not difficult if we have the right basic knowledge to break the labs and are attentive to all the details we find during the reconnaissance. The credit for making this lab goes to TheMayor.... Continue reading →
Blog.webp 2020-11-11 09:09:53 (Déjà vu) Startup TryHackMe Walkthrough (direct link) Today we’re going to solve another boot2root challenge called “Startup”. It’s available at TryHackMe for penetration testing practice. This lab is not difficult if we have the right basic knowledge to break the labs and are attentive to all the details we find during the reconnaissance. The credit for making this lab goes to r1gormort1s.... Continue reading →
Blog.webp 2020-11-10 19:24:34 HA: Vedas Vulnhub Walkthrough (direct link) This is our Walkthrough of “HA: Vedas” and the CTF is designed by Hacking Articles Team, hope you will enjoy it !! Task: Vedas meaning sacred knowledge or revealed knowledge, are the old texts of Hinduism. Thereby, this lab is based on the four Vedas, the flags are based on the same which are as... Continue reading →
Blog.webp 2020-11-09 07:53:35 (Déjà vu) Relevant TryHackMe Walkthrough (direct link) Today we’re going to solve another boot2root challenge called “Relevant”. It’s available at TryHackMe for penetration testing practice. This lab is not difficult if we have the right basic knowledge to break the labs and are attentive to all the details we find during the reconnaissance. The credit for making this lab goes to TheMayor.... Continue reading →
Blog.webp 2020-11-08 20:20:49 Burp Suite for Pentester – Fuzzing with Intruder (Part 3) (direct link) After reading both of our previous articles, you might be wondering, “What about the other features or sections that Burpsuite's Intruder offers us?” or “How can we use the other payload options rather than the Simple list only?” So today, in this article, you'll get all of your questions answered, whether it’s regarding the payload... Continue reading →
Blog.webp 2020-11-08 19:11:06 Memory Forensics using Volatility Workbench (direct link) Volatility Workbench is a GUI version of one of the most popular tool Volatility for analyzing the artifacts from a memory dump. It is available free of cost, open-source, and runs on the Windows Operating system. You can download it from Here. You can refer to the previous article Memory Forensics: Using Volatility from here, ... Continue reading → Tool
Blog.webp 2020-11-07 11:33:59 Burpsuite for Pentester – Fuzzing with Intruder (Part 2) (direct link) Over in the previous article, we learned about what fuzzing is and how the burpsuite helps us to fuzz a web-application, along with all these things we had even explored some great fuzzing payload lists that are offered by the burpsuite's Intruder tab. So, today, in this article we'll investigate some other amazing pre-defined burpsuite's... Continue reading →
Blog.webp 2020-11-06 16:54:56 Comprehensive Guide on FTK Imager (direct link) FTK Imager is an open-source software by AccessData that is used for creating accurate copies of the original evidence without actually making any changes to it. The Image of the original evidence is remaining the same and allows us to copy data at a much faster rate, which can be soon be preserved and can... Continue reading →
Blog.webp 2020-11-05 19:15:14 (Déjà vu) Burp Suite for Pentester – Fuzzing with Intruder (Part 1) (direct link) Whether it’s guessing up a login credential or opting a valid payload for a specific vulnerability, both of these things are time-consuming and require a number of permutation and combination to built up a dictionary for them, if done manually. But what, if all these things are done with some simple click and you just... Continue reading →
Blog.webp 2020-11-05 19:15:14 Burp Suite for Pentester – Fuzzing via Intruder Tab (direct link) Whether it’s guessing up a login credential or opting a valid payload for a specific vulnerability, both of these things are time-consuming and require a number of permutation and combination to built up a dictionary for them, if done manually. But what, if all these things are done with some simple click and you just... Continue reading →
Blog.webp 2020-11-03 17:06:52 Burp Suite for Pentester – XSS Validator (direct link) You might have used a number of online tools to detect XSS vulnerabilities and a few to validate them and thereby, at last, with all the generated outcome you try to exploit the injection point manually or with burpsuite's fuzzing. But what, if we get all these things wrapped up at a single place. Today... Continue reading →
Blog.webp 2020-11-02 14:40:17 Burp Suite for Pentester – Configuring Proxy (direct link) Burp Suite, you might have heard about this great tool and even used it in a number of times in your bug hunting or the penetration testing projects. Though, after writing several articles on web-application penetration testing, we've decided to write a few on the various options and methods provided by this amazing tool which... Continue reading → Tool
Blog.webp 2020-10-30 12:23:24 (Déjà vu) KB-Vuln: 3 Vulnhub Walkthrough (direct link) Today we are going to solve another boot2root challenge called “KB-VULN: 3”. It’s available at VulnHub for penetration testing and you can download it from here. The merit of making this lab is due to Machine. Let’s start and learn how to break it down successfully. Level: Eas Penetration Testing Methodology Reconnaissance Netdiscover Nmap Enumeration... Continue reading →
Blog.webp 2020-10-29 11:29:54 Memory Forensics: Using Volatility Framework (direct link) Cyber Criminals and attackers have become so creative in their crime type that they have started finding methods to hide data in the volatile memory of the systems. Today, in this article we are going to have a greater understanding of live memory acquisition and its forensic analysis. Live Memory acquisition is a method that... Continue reading →
Blog.webp 2020-10-26 16:20:39 Forensic Investigation: Shellbags (direct link) In this article, we will be focusing on shellbags and its forensic analysis using shellbag explorer. Shellbags are created to enhance the users' experience by remembering user preferences while exploring folders, the information stored in shellbags is useful for forensic investigation. Table of Contents Introduction Location of shellbags Forensic analysis using Shellbags Explorer Active Registry... Continue reading →
Blog.webp 2020-10-23 18:03:36 HA: Forensics: Vulnhub Walkthrough (direct link) Introduction Today we are going to crack this vulnerable machine called HA: Forensics. This is a Capture the Flag type of challenge. It contains FOUR flags that are accessible as the solving of the lab progresses based on hints. It is a Forensics focused machine. Download Lab from here. Penetration Testing Methodology Network Scanning Netdiscover... Continue reading →
Blog.webp 2020-10-23 09:32:48 AlienVault: OSSEC (IDS) Deployment (direct link) In this article, we will discuss of Deployment of OSSEC (IDS) agents to the AlienVault server. OSSEC is an open-source, host-based intrusion detection system (commonly called IDS) that market itself as the world's most widely used intrusion detection system that performs or helps us to Monitor: – Network Anomalies Log analysis Integrity Checking Windows registry... Continue reading →
Blog.webp 2020-10-22 07:41:50 Forensic Investigation: Pagefile.sys (direct link) In this article, we will learn how to perform a forensic investigation on a Page File. There is a lot of information that can be extracted from valuable artifacts through a memory dump. Yet, there is more: you can perform memory forensics even without a memory dump that is by virtual memory analysis. There are... Continue reading →
Blog.webp 2020-10-20 09:25:43 Forensic Investigation: Disk Drive Signature (direct link) In this article, we will be using Disk Drive Signature to identify any suspicious changes in systems' directories or files. Creating such signatures can help us protect our data in various ways. Table of Contents Introduction Creating disk signature Comparing disk signature Introduction A disk drive signature is created to identify the suspicious changes in... Continue reading →
Blog.webp 2020-10-15 18:22:44 Forensic Investigation : Prefetch File (direct link) In this article, we are going to study an important artifact of Windows, i.e. prefetch files. Every time you do anything on your Windows system, a file is created. These files are called Prefetch files. Through this article, we will learn how these are important and why do we need them. Table of Content Introduction... Continue reading →
Blog.webp 2020-10-14 14:54:47 (Déjà vu) Maskcrafter: 1.1: Vulnhub Walkthrough (direct link) Introduction Today we are going to crack this vulnerable machine called Maskcrafter: 1.1. It is created by evdaez. It is a simple Boot to root kind of challenge. We need to get root privilege on the machine and read the root flag to complete the challenge. Overall, it was an intermediate machine to crack. Download... Continue reading →
Blog.webp 2020-10-13 16:31:01 AlienVault: End user Devices Integration-Lab Setup (Part 2) (direct link) As logs never lie, it's very important to aggregate and analyze the internal and external network logs constantly so that you can prevent a breach or perform incident response on time. In the previous article, we looked at the configuration and installation of AlienVault OSSIM. The operating-system integration for AlienVault is based on window-centric for... Continue reading →
Blog.webp 2020-10-12 15:17:10 SIEM Lab Setup: AlienVault (direct link) AlienVault OSSIM is an Open Source Security Information and Event Management (SIEM), which provides you with the feature-rich open source SIEM complete with event collection, normalization, and correlation. OSSIM is a unified platform which is providing the essential security capabilities like: – Asset discovery Vulnerability assessment Host Intrusion detection Network intrusion detection Behavioural monitoring SIEM... Continue reading → Vulnerability
Blog.webp 2020-10-11 14:22:43 Fast Incident Response and Data Collection (direct link) In this article, we will gather information utilizing the quick incident response tools which are recorded beneath. All these tools are a few of the greatest tools available freely online. Through these, you can enhance your Cyber Forensics skills. Table of Contents Live Response Collection-Cederpelta Build CDIR(Cyber Defense Institute Incident Response) Collector Fast IR Collector... Continue reading →
Blog.webp 2020-10-11 13:44:38 (Déjà vu) Tempus Fugit: 3 Vulnhub Walkthrough (direct link) Today we are going to solve another boot2root challenge called “Tempus: 3“. It’s available at VulnHub for penetration testing and you can download it from here. The merit of making this lab is due to @4nqr34z & @theart42. Let’s start and learn how to break it down successfully. Level: Hard Penetration Testing Methodology Reconnaissance Netdiscover... Continue reading →
Last update at: 2024-03-28 16:12:18