Thick Client Penetration Testing on DVTA
In the previous article, we have seen some methods to Analyze the Traffic of Thick Client Applications specifically in DVTA. You can take a look at that article by browsing this link: –...
View ArticleComprehensive Guide to AutoRecon
The AutoRecon tool is designed as a network reconnaissance tool. It is a multi-threaded tool that performs automated enumeration of services. The purpose of this tool is to save time while cracking...
View ArticleComprehensive Guide on ffuf
In this article, we will learn how we can use ffuf, which states for “Fuzz Faster U Fool”, which is an interesting open-source web fuzzing tool. Since its release, many people have gravitated towards...
View ArticleWordlists for Pentester
A Pentester is as good as their tools and when it comes to cracking the password, stressing authentication panels or even a simple directory Bruteforce it all drills down to the wordlists that you use....
View ArticleEncrypted Reverse Shell for Pentester
Reverse shell that is generally used in the wild are prone to sniffing attacks as the communication that happens between the attacker and the victim machine is clear text-based communication. This...
View ArticleMetasploit for Pentester: Mimikatz
This article will showcase various attacks and tasks that can be performed on a compromised Windows Machine which is a part of a Domain Controller through Metasploit inbuilt Mimikatz Module which is...
View ArticleWireshark For Pentester: A Beginner’s Guide
Wireshark is an open-source application and it is the world’s foremost and widely-used network protocol analyzer that lets you see what’s happening on your network at a microscopic level. Just Because...
View ArticleWireshark for Pentester: Password Sniffing
Many people wonder if Wireshark can capture passwords. The answer is undoubtedly yes! Wireshark can capture not only passwords, but any type of data passing through a network – usernames, email...
View ArticleWireshark for Pentester: Decrypting RDP Traffic
Over the last few years, attackers used the Remote Desktop Protocol (RDP) for accessing unsecured servers and company networks. In ransomware malware attacks since 2017, RDP has become a major vector....
View ArticleA Beginner’s Guide to Buffer Overflow
In this guide, we are going to learn about what is a buffer overflow and how it occurs? Buffer Overflow occurs by overwriting memory fragments of a process or program. Overwriting values of certain...
View ArticleAnonymous Logins for Pentesters
In this article, we will focus on the various services that support the Anonymous Logins. We will be understanding the process to setup those service on your local target system and then using Kali...
View ArticleRemote Desktop Penetration Testing (Port 3389)
In this article, we are discussing Remote Desktop penetration testing in four scenarios. Through that, we are trying to explain how an attacker can breach security in a different- different scenario...
View ArticleVNC Penetration Testing
In this article, we are discussing Internal Penetration Testing on the VNC server. Through that, we are trying to explain how an attacker can breach security in various scenarios with the installation...
View ArticleMeterpreter for Pentester: Sessions
In this series of articles, we will be focusing on the various mechanisms of the Metasploit Framework that can be used by Penetration Testers. Today we are going to learn about the session’s command of...
View ArticleMetasploit for Pentester: Database & Workspace
In this series of articles, we are focusing on the various mechanisms of the Metasploit Framework that can be used by Penetration Testers. Today we are going to learn about the workspace and database...
View ArticleMetasploit for Pentester: Clipboard
In this series of articles, we will be focusing on the various mechanisms of the Metasploit Framework that can be used by Penetration Testers. Here, we will be discussing the External API extension...
View ArticleWireless Penetration Testing: Wifipumpkin3
Wifipumpkin3 is a framework that is built on python to give rogue access point attacks to red teamers and reverse engineers. In this article, we would look at how we can use this tool to create a bogus...
View ArticleMetasploit for Pentester: Inject Payload into Executable
Being lurking and undetectable is the priority after anonymity. In this article, we are going to learn how to create an innocuous-looking backdoor and bind it with a legitimate executable file to gain...
View ArticleMetasploit for Pentester: Migrate
In the continuation in this series of articles dedicated to the Metasploit Framework to provide an appropriate resource for Penetration Testers so that they can use the variety of the features present...
View ArticleMetasploit for Pentester: Windows Hidden Bind Shell
In this article, we are going to cover the tactics of Hidden BIND TCP shellcode. Every organization has multiple scanning tools to scan their network and to identify the new or unidentified open ports....
View Article