Clik here to view.
Exploitation of Metasploitable 3 using Glassfish Service
Target: Metasploitable 3 Attacker: Kali Linux Use nmap command for scanning the target PC. NMAP will show all available open ports and their running services. Type the following command on terminal in...
View ArticleClik here to view.
Penetration Testing in Metasploitable 3 with SMB and Tomcat
Target: Metasploitable 3 Attacker: Kali Linux Let’s begin through scanning the target IP to know the Open ports for running services. I am using nmap command for scanning the target PC. Type the...
View ArticleClik here to view.
Hack Admin Access of Remote windows 10 PC using Eventvwr Registry Key Exploit
First of all, to learn to how to hack victim’s PC click here. After hacking when you have gained a meterpreter session then type: getprivs using this command you will confirm the fact that you have not...
View ArticleClik here to view.
WordPress Penetration Testing using Symposium Plugin SQL Injection
WP Symposium turns a WordPress website into a Social Network! It is a WordPress plugin that provides a forum, activity (similar to Facebook wall), member directory, private mail, notification panel,...
View ArticleClik here to view.
Hack Remote PC using PSEXEC Injection in SET Toolkit
Target: Window Server Attacker machine: kali Linux  In this article I am going to make powershell injection attack though SEToolkit; for this attack it is necessary that SMB service must be running and...
View ArticleClik here to view.
Hack the Fortress VM (CTF Challenge)
Previously you have breach many vulnhub CTF, today we will try to breach FORTRESS VULNHUB CTF. Download it from here. Start Kali Linux and follow  these steps.  Open terminal in Kali Linux and run this...
View ArticleClik here to view.
5 Ways to Penetration Testing of HTTP Protocol (Verb Tempering)
You all are very much aware of HTTP protocol and its services. HTTP is considered to authorize intermediate network elements to develop communications between clients and servers. HTTP is an...
View ArticleClik here to view.
5 ways to Exploiting PUT Vulnerability in Webserver
Today’s article is related to bypass PUT method vulnerability through various techniques. From previous article we came across to different actions performed by HTTP methods where I had described the...
View ArticleClik here to view.
Hack the Padding Oracle Lab
The main purpose to solve this lab was to share the padding oracle attack technique with our visitors The padding oracle attack enables an attacker to decrypt encrypted data without knowledge of the...
View ArticleClik here to view.
Shell uploading through sql Injection using Sqmap in bWAPP
Multiple times you people have used sqlmap for sql injection to get database of web server. Here in this tutorial I will show you how to upload any backdoor if the website is suffering from sql...
View ArticleClik here to view.
Meterpreter Shell uploading in DVWA using SQl Injection
This article is exactly same as previous article; today I will make use of sqlmap to upload backdoor filein DVWA suffering from sql injection vulnerbility. Requirement: Xampp/Wamp Server DVWA Lab Kali...
View ArticleClik here to view.
Command Injection Exploitation through SQL Injection using Sqlmap in DVWA
In this article we will see how to perform command injection using sqlmap and try to execute any cmd command through sqlmap if web server is having sql vulnerability. Â Requirement: Xampp/Wamp Server...
View ArticleClik here to view.
Web Penetration Testing Lab setup using XVWA
XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security. It’s not advisable to host this application online as it is designed to be...
View ArticleClik here to view.
Exploiting the Webserver using Sqlmap and Metasploit (OS-Pwn)
This artilce is about how to use sqlmap for sql injection to hack victim pc and gain shell access. Here I had perform sql attack to gain three different type of shell (meterpreter; command shell; VNC...
View ArticleClik here to view.
Hack the Pentester Lab: from SQL injection to Shell VM
Today we are going to perform penetration testing in another lab, download it from here. Now install the iso image in VM ware and start it. The task given in this lab is to gain access of...
View ArticleClik here to view.
Brute Forcing Multiple Databases using HexorBase
HexorBase is a database application designed for administering and auditing multiple database servers simultaneously from a centralized location, it is capable of performing SQL queries and bruteforce...
View ArticleClik here to view.
Sql Injection Exploitation with Sqlmap and Burp Suite (Burp CO2 Plugin)
Burp CO2 is an extension for the popular web proxy / web application testing tool called Burp Suite, available at Portswigger. You must install Burp Suite before installing the Burp CO2 extension. The...
View ArticleClik here to view.
SQL Injection Exploitation in Multiple Targets using Sqlmap
In this article we are going to perform sql injection attack on multiple target through sqlmap In the tutorial I had used two buggy web dvwa and Acurat (vulweb.com). Start dvwa and select sql...
View ArticleClik here to view.
Hack the Pentester Lab: from SQL injection to Shell II (Blind SQL Injection)
Today we are going to perform penetration testing with part II of previous lab, download it from here. Now install the iso image in VM ware and start it. In this lab task level is intermediate and...
View ArticleClik here to view.
Easy way to Hack Database using Wizard switch in Sqlmap
Sqlmap provides wizard options for beiggner and save your much time. So start your kali Linux and open the terminal and now the following command to use wizard interface of sqlmap. sqlmap -u...
View Article