Windows Persistence with PowerShell Empire
This is the third article in our Empire series; in it we will learn elevated persistence methods. Its trigger method is pretty organised, with storage options contained within each module. In...
Hiding IP During Pentest using PowerShell Empire (http_hop)
This is the fourth article in our Empire series; in this article we learn to use the hop payload in PowerShell Empire. Empire has an inbuilt listener named http_hop which allows us to redirect our traffic to...
nps_payload: An Application Whitelisting Bypass Tool
In this article, we will create payloads using a tool named nps_payload and get meterpreter sessions using those payloads. This tool is written by Larry Spohn and Ben Mauch. Find this tool on GitHub....
Bypass User Access Control using Empire
This is the fifth article in our Empire series; for the basic guide to Empire click here. In this article, we will learn to bypass administrator privileges using various bypassuac post-exploitation...
Command and Control Guide to Merlin
In this article, we learn how to use Merlin C2 tool. It is developed by Russel Van Tuyl in Go language. Table of content: Introduction Installation Windows exploitation Windows post exploitation Linux...
Multiple Ways to Exploiting OSX using PowerShell Empire
In this article, we will learn multiple ways to hack OS X using Empire. There are various stagers given in Empire for the same and we use a few of them in our article. Method to attack OS X is...
Command & Control Tool: Pupy
In this article, we will learn to exploit Windows, Linux and Android with pupy command and control tool. Table of Content : Introduction Installation Windows Exploitation Windows Post Exploitation...
Bypass Application Whitelisting using msiexec.exe (Multiple Methods)
In our previous article, we discussed “Windows Applocker Policy – A Beginner’s Guide”, which covers how to define the AppLocker rules for your application control policies and how to work with them. But...
Exploiting Windows using Contact File HTML Injection/RCE
After the 0 day exploit on malicious VCF file in windows, cybersecurity researcher John Page deserves another round of applause for bringing this vulnerability onto exploit-db’s eye on 23rd January...
Windows Firewall Post Exploitation with Netsh
This article will provide an in-depth post exploitation guide to gather all the information about the victim’s Firewall and network settings. Table of Content : Introduction to Firewall Rules of...
Exploiting Windows PC using Malicious Contact VCF file
A huge shoutout to cybersecurity researcher John Page for bringing this vulnerability into the internet’s eye on 15th January 2019. This was a 0 day exploit and of course, works with the latest Windows...
Jenkins Pentest Lab Setup
Hey! You all know that we have performed so many CTF challenges and we got to know about Jenkins there. So let’s know about Jenkins better. For this, we are here with the new challenges which you will...
Pentest Lab Setup on Memcached
In this article, we are going to learn about pen-testing in Memcached lab setup in Ubuntu 18.04. Memcached server is used by corporations in order to increase the speed of their network as it helps to...
Comprehensive Guide on Netcat
This article will provide you with the basic guide of Netcat and how to get a session from it using different methods. Table of Contents: Introduction Features Getting start with NC Connecting to a...
Kage: Graphical User Interface for Metasploit
Kage is a GUI for Metasploit RPC servers. It is a good tool for beginners to understand the working of Metasploit as it generates payload and lets you interact with sessions. As this tool is on the...
Beginner’s Guide to Nessus
In this article, we will learn about Nessus which is a network vulnerability scanner. There are various network vulnerability scanners but Nessus is one of the best because of its most successful GUI....
Web Server Lab Setup for Penetration Testing
In this post, we will discuss how to set-up our own web server for penetration testing on Ubuntu 18. Ubuntu 18 has updated with the new features. Table of Content Requirement Web Server configuration...
PowerCat - A PowerShell Netcat
The name PowerCat comes from PowerShell Netcat; it is a new version of netcat in the form of a PowerShell script. In this article, we will learn about powercat, which is a PowerShell tool for...
Linux for Pentester: APT Privilege Escalation
In this article, we’ll talk about APT (apt-get) functionality and learn how helpful the apt command is for Linux penetration testing and how we can use apt to escalate to a higher-privilege shell....