Clik here to view.
Hack the VulOS 1.1 VM (CTF Challenge)
“Your assignment is to pentest a company website, get root of the system and read the final flag” is the only thing we know about this VM other than that is it a smaller one. Therefore without any...
View ArticleClik here to view.
Hack the SpyderSec VM (CTF Challenge)
You are looking for two flags. Using discovered pointers in various elements of the running web application you can deduce the first flag (a downloadable file) which is required to find the second flag...
View ArticleClik here to view.
Hack Remote Windows 10 PC using HTA Web Server
This module hosts an HTML Application (HTA) that when opened will run a payload via Powershell. When a user navigates to the HTA file they will be prompted by IE twice before the payload is executed...
View ArticleClik here to view.
Search Port Names and Numbers using whatportis
Whatportis is a utility command to search port numbers and/or names. It often happens that we need to find the default port number for a specific service, or what service is normally listening on a...
View ArticleClik here to view.
Command Injection Exploitation in DVWA using Metasploit (Bypass All Security)
Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application...
View ArticleClik here to view.
Exploiting Joomla Website using Account Creation and Privilege Escalation
In this article we will learn about hacking Joomla CMS. And to so we will be a pre-instaled module of metasploit which will further help us to create an autocratic account with administrative...
View ArticleClik here to view.
Hack Linux Kernel using Dirtycow Exploit (Privilege Escalation)
People say that “good things take time” but everyone knows that in today’s world everyone has everything but time especially in cyber security and hacking. But worry no more about time as we are going...
View ArticleClik here to view.
Hack the Kioptrix VM (CTF Challenge)
Today we going to solve Kioptrix: Level 1.3 (#4). It is Boot2Root series provided for practice. Hints we have from author are : It’s possible to remotely compromise the machine Stays within the target...
View ArticleClik here to view.
Hack the Acid VM (CTF Challenge)
The name of the Virtual machine is “Acid Server” that we are going to crack. It is an Boot2Root Vm that we are going to solve. This is a web-based VM. Our main goal is to escalate the privileges to...
View ArticleClik here to view.
Hack the Lord of the Root VM (CTF Challenge)
This is another Boot2Root challenge which has been prepared by KoocSec for hacking exercises. He prepared this through the inspiration of his OSCP exam. It is based on the concepts of great...
View ArticleClik here to view.
Hack the Breach 2.1 VM (CTF Challenge)
Breach 2.1 is the second VM in the multi-series Boot2Root CTF challenges. This is developed by mrb3n. It is high-level challenge and shows a lot of scenario including plenty of twists and trolls along...
View ArticleClik here to view.
Hack Acid Reloaded VM (CTF Challenge)
Acid reloaded is the 2nd VM of the Acid series of Boot2Root CTF exercise. It is created by Avinash Thappa. To capture the flag, first we have to gain the root access that means escalating administrator...
View ArticleClik here to view.
bWAPP Command Injection Exploitation using Commix (Bypass All Security)
Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application...
View ArticleClik here to view.
How to Secure SSH Port using Port Forwarding (Beginner Guide)
In this article I am going to perform how to use port forwarding in a system which is a process that redirects a communication request from a specific port to another port or host. It is basically...
View ArticleClik here to view.
Play Youtube videos as background sound in Remote PC using Xerosploit
Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for testing purposes. It brings various modules that allow realizing efficient attacks, and also allows...
View ArticleClik here to view.
5 ways to Brute Force Attack on WordPress Website
Brute force attack using Burp Suite To make Burp Suite work, firstly, we have to turn on manual proxy and for that go to the settings and choose Preferences. Then select advanced option and further go...
View ArticleClik here to view.
Exploit Windows 10 pc using WinaXe 7.7 FTP Client Remote Buffer Overflow
This module exploits a buffer overflow in the WinaXe 7.7 FTP client. This issue is triggered when a client connects to the server and is expecting the Server Ready response. Exploit Targets WinaXe 7.7...
View ArticleClik here to view.
Hack Android Phone using HTA Attack with QR Code
QR Code is a 2 dimensional barcode which can be scanned using Smartphone’s or dedicated QR Readers. These QR Codes are directly linked to contact numbers, websites, usernames, photos, SMS, E-mails and...
View ArticleClik here to view.
7 Ways to Get Admin Access of Remote Windows PC (Bypass Privilege Escalation)
When you exploit the victim pc there would be certain limits which resist performing some action even after you are having the shell of victim’s pc. To get complete access of your victim pc; you need...
View ArticleClik here to view.
Hack the SkyDog Con CTF 2016 – Catch Me If You Can VM
SkyDog is the second VM in CTF Root2Boot series created by James Brower. It is configured with DHCP so the IP will be given to it automatically. This VM is based on Catch me if you can which is movie...
View Article