Clik here to view.
Exploiting Sql Injection with Nmap and Sqlmap
This article is about how to scan any target for sql injection using NMAP and then exploit the target with sqlmap if NMAP finds the target is vulnerable to sql injection. Now go with this tutorial for...
View ArticleClik here to view.
Hack the Basic HTTP Authentication using Burpsuite
In the context of a HTTP transaction, basic access authentication is a method for a HTTP user agent to provide a user name and password when making a request. HTTP Basic authentication (BA)...
View ArticleClik here to view.
Beginner Guide of mysql Penetration Testing
In this article we are going to perform penetration testing on mysql server, here we will perform attack through metasploit framework. Attacker: kali Linux Target: metasploitable II Lets Begin!!...
View ArticleClik here to view.
Exploiting Form Based Sql Injection using Sqlmap
In this tutorial you will came to across how to perfrom sql injection attack on a login form of any website. There are so many example related to login form like: facebook login; gmail login; other...
View ArticleClik here to view.
Hack the USV VM (CTF Challenge)
A new challenge for all of you guys! This CTF is all about conquering flags coming across our way as we go further in our penetration testing of this lab. All the flags should be discovered in form...
View ArticleClik here to view.
Web Penetration Testing with Tamper Data (Firefox Add-on)
Tampering is the way of modifying the request parameters before request submission. Tampering can be achieved by various methods and one of the ways is the through Tamper Data. Tamper data is one of...
View ArticleClik here to view.
Hack the Pipe VM (CTF Challenge)
PIPE is another CTF which gives you a platform to enhance your penetration testing skills. So let’s not waste any more time and get started with it. First of all download pipe lab from here Like always...
View ArticleClik here to view.
5 ways to File upload vulnerability Exploitation
File upload vulnerability is a major problem with web based applications. In many web servers this vulnerability depends entirely on purpose, that allows an attacker to upload a file with malicious...
View ArticleClik here to view.
Hack Windows PC using Firefox nsSMIL Time Container: :Notify Time Change() RCE
This module exploits an out-of-bounds indexing/use-after-free condition present in nsSMILTimeContainer::NotifyTimeChange() across numerous versions of Mozilla Firefox on Microsoft Windows. Exploit...
View ArticleClik here to view.
Shell Uploading in Web Server through PhpMyAdmin
In this tutorial we will learn how to exploit a web server if we found phpmyadmin panel has been left open. Here I will try to exploit phpmyadmin which is running inside the localhost “xampp” by...
View ArticleClik here to view.
Web Shells Penetration Testing (Beginner Guide)
Through this article I would like to share file uploading using different type web shell scripts on a web server and try to get unauthorized access in the server. Web shells are the scripts that are...
View ArticleClik here to view.
Hack the Gibson VM (CTF Challenge)
It’s a boot2root challenge and it does not get over with getting root access. You have to find flag also. So let’s start. First of all download lab from https://download.vulnhub.com/gibson/gibson.ova...
View ArticleClik here to view.
Exploit Command Injection Vulnearbility with Commix and Netcat
In this article I will show how easily you can hack a web server using commix tool if the severe is suffering from OS command injection vulnerbility. Attaker: kali Linux Target: bwapp Download it from...
View ArticleClik here to view.
Command Injection to Meterpreter using Commix
In this article I will show how easily you can hack a web server using commix tool if the severe is suffering from OS command injection vulnerbility and try to access meterpreter shell. Attaker: kali...
View ArticleClik here to view.
Webshell to Meterpreter
Through this article you will learn how we can achevie meterpreter shell after uploading a PHP backdoor script in victim’s PC. You can read previous article to upload PHP web shell in a web server....
View ArticleClik here to view.
Web Server Exploitation with LFI and File Upload
In this article you will learn how to bypass file uploading vulnerability in high security through FILE INCLUSION vulnerability. As well as how to bypass local file inclusion to get reverse connection...
View ArticleClik here to view.
Exploit Webserver through Log Injection with LFI
Through this article you will see how to create local file inclusion log posioning inside the target machine and gain unauthourized access with help of apache access .log file. Attacker: Kali Linux...
View ArticleClik here to view.
5 ways to Exploit LFi Vulnerability
The main aim of writing this article is to share the idea of making an attack on a web server using various techniques when the server is suffering from file inclusion vulnerability. As we all are...
View ArticleClik here to view.
File Upload Exploitation in bWAPP (Bypass All Security)
In this article you will learn how to bypass all three security level of unrestricted file upload inside the bWAPP and if you want to know more about the various kind of file uploading vulnerability...
View ArticleClik here to view.
Hack Remote PC with Apache OpenOffice Text Document Malicious Macro Execution
This module generates an Apache OpenOffice Text Document with a malicious macro in it. To exploit successfully, the targeted user must adjust the security level in Macro Security to either Medium or...
View Article