Bruteforce WordPress with XMLRPC Python Exploit

WordPress did not become the most popular platform on the planet for CMS and blog posting, because it is quite difficult to use. Most likely, its convenient and rich feature set has attracted…

Read more

How to turn on PowerShell Transcription Logging in Windows 10

Microsoft Windows PowerShell is a great scripting platform for security researchers as well as for hackers. PowerShell is not only used to manage Windows OS, but Microsoft has also extended the capability of…

Read more

Top 3 Open Source SSL Testing Tools

Security, privacy and data integrity are important properties of today’s Internet applications and protocols.The security and confidentiality of millions of Internet transactions per day depend upon the Secure Socket Layer (SSL)/Transport Layer Security…

Read more

How to Download Wistia Videos without any Tool

Are you looking for a software to download wistia videos? As a leading video platform, Wistia indeed makes it easy for businesses to manage, create, host, share, and measure videos. There are alot…

Read more

Enable/Disable a Network Connection using WMIC, NETSH and POWERSHELL

The network interface controller (NIC) is a hardware card that allows a PC to participate in passing and receiving data on a network. An NIC is commonly referred to as an NIC card,…

Read more

Configure Node.js Server on Amazon Web Services (AWS)

Like many successful dot-com era startups, Amazon found itself with an enviable problem at the turn of the century: the scale of their business had grown beyond the capacities of any available pre-packaged…

Read more

Manipulating MAC and IP addresses with MICH in Linux

You must be familiar with the term IP address. Just like your home has a mailing address in the same way any computer or device connected to the internet have a mailing address…

Read more

How to Fix Common SSL Issues on WordPress

Despite some high profile security issues, SSL (and TLS) remain the standards for ensuring secure communications and commerce on the web, and has seen dramatic growth in recent years. When SSL was conceived…

Read more

Find Public IP Address From Command Line – 12 Examples

The public IP address is what you see online when you access them from your computer. If you want to try to connect to your computer via a remote connection that isn’t on…

Read more

How to Install XAMPP in Ubuntu 18.04 Linux

The Apache HTTP Server, colloquially called Apache, is the world’s most used web server software. As of November 2015, Apache was estimated to serve 50% of all active websites and 37% of the…

Read more

Exploitation of UnreaIIRCd 3.2.8.1 by using Metasploit and Perl Script

UnrealIRCd is an open source IRC daemon, originally based on DreamForge, and is available for Unix-like operating systems and Windows. Since the beginning of development on UnrealIRCd circa May 1999, many new features…

Read more

Find Virtual Machine IP Through Kali Linux – 3 Methods

While solving CTF or bug bounty challenges, sometimes you need to find out the IP address of the machine because that machine is not logged in at that time. We realize that some people…

Read more

Wireless Packet Injection Testing Tutorial

If you’re in the market for a wireless network adapter, then you always got confused that which adapter is the best adapter. This USB adapter must compact enough to fit in your pocket…

Read more

[RCE] Exploitation of Microsoft Office/WordPad – CVE-2017-0199 [Tutorial]

A remote code execution vulnerability exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploited this vulnerability could take control of an affected system. An…

Read more

From Command Execution to Meterpreter Reverse Shell with Commix

Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe…

Read more

From RFI(Remote File Inclusion) to Meterpreter Shell

For many years now we’ve participated in many coding forums and discussion platforms. Perhaps one of the biggest issues we see is people using $_GET or another unfiltered variable inside of an include,…

Read more

JAVA RMI (Remote Method Invocation) Exploitation with Metasploit Framework

The Java Remote Method Invocation, or Java RMI, is a mechanism that allows an object that exists in one Java virtual machine to access and call methods that are contained in another Java…

Read more

From Command Injection To Meterpreter Shell – Detailed Tutorial 2018

Other than XSS and SQL Injection, there are number of different attack techniques against a web application. In this tutorial,we’ll exploit the DVWA Web Application with Command Injection Attack. There are so many…

Read more

How to Enable Self-Signed Certificates for Local Apache Webserver – LINUX

This article describe how to quickly enable SSL for local apache web server under Linux. This has been done on a Kali Linux virtual machine of version 2018.1, the one maintained and funded…

Read more

How To Decode Base64 In Most Popular Programming Languages

Base64 is a group of similar binary-to-text encoding schemes that represents binary data in an ASCII string format by translating it into radix-64 representation. All examples below uses base64 decoded text (eWVhaGh1Yg==) for…

Read more

Get Linux IP Address from Command Line – 5 Ways

What is IP Address –  A unique number consisting of four parts separated by dots. Every device on the Internet (and on any network) must have a unique IP address to participate and…

Read more

Install DVWA (Damn Vulnerable Web Application) in Kali Linux – Detailed Tutorial

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn defenseless. Its main goals are to be an aid for security professionals to test their skills and tools in a…

Read more