Yuki Chan – The Automated Penetration Testing Tool – Kali Linux 2017.2

The Yuki Chan is an Automated Penetration Testing tool through which you can easily audit any website and gather all possible information like website enumeration, ssl security auditing etc. Features – Fully Automated Tool Intel-Gathering with smart search Complete Vulnerability... Read more

Top 18 PHP Code Analysis Resources – 2017 Compilation List

As you all knows PHP is one of the most popular server side language and is widely used open source general purpose scripting language that is specially suited for web development and can easily be embedded into HTML. Today we’ll... Read more

Simple and Target Mac Flooding [Kali Linux 2017.2]

The idea behind a MAC flooding attack is to send a huge amount of ARP replies to a switch, thereby overloading the cam table of the switch. Once the switch overloads, it goes into hub mode, meaning that it will... Read more

DKMC – Another Wonderful Malicious Payload Evasion Tool (Windows Hacking)

Windows would be one of our common targets, since it is the most used operating system in the corporate environment. Since most of you are familiar with Windows, it would be easy to enumerate it. Our main goal is to... Read more

Automated MITM Attack with MitmAP Python Script

Wireless networks were first introduced in 1991. The wireless networking is an invention that makes it possible to transfer data packets over standard network protocols: the only difference is that it uses radio waves rather than wires or optical fibres... Read more

Kali Linux 2017.2 Updated and Newly Added Tools List

Kali Linux 2017.2 was released on September 20, 2017. This release is a roll-up of all updates and fixes since our 2017.1 release in April. More than a dozen Open Source tools present on GitHub have been added to this release. This... Read more

Kali Linux 2017.2 has been released with new tools

Kali Linux is a Debian-based distribution with a collection of security and forensics tools. The new version of Kali Linux i.e. 2017.2 is already been out with awesome features and is available for your download. In April 2017, 2017.1 version... Read more

MSFvenom Payload Creator (MSFPC) – Installation and Usage

With the help of MSFPC, you can quickly generate the payload based on msfvenom module which is a part of Metasploit Framework. So MSFvenom Payload Creator is a simple wrapper to generate multiple types of payloads like APK(.apk), ASP(.asp), ASPX(.aspx),... Read more

CCLEANER Hacked ! – Affected 20 Million Users Worldwide

CCleaner is one of the most popular tool for cleaning for your PC. It makes it easy to speed up a slow computer and keep your activity private — automatically and in the background. It also regularly cleans junk files... Read more

Meterpreter Commands in Detail 2017 – Metasploit Framework

After a successful exploit a Meterpreter shell allows you to perform many different functions along with a full remote shell. Meterpreter is great for manipulating a system once you get a remote connection, so depending on what your goals are;... Read more

MYSQL Command Line Tutorial – Kali Linux

As you all knows, Kali Linux is one of the most popular penetration testing operating system having more than 400+ hacking tools pre-installed in it. Kali is the latest and greatest version of the ever popular Backtrack Linux penetration testing... Read more

About Wireshark – A Packet Sniffer and its Components

The purpose of this article is to introduce the most popular packet sniffer i.e. WIRESHARK.  The basic tool for observing the messages exchanged between executing protocol entities is called a packet sniffer. As the name suggests, a packet sniffer captures... Read more

Vevo Hacked by OurMine – 3.12TB data leaked

OurMine Group (Saudi Arabian Hacking Group) is now back and has claimed the responsibility for the breach of Vevo which is the most popular online video streaming service. Even Vevo.com is now not available, they’ve already put a Under Maintenance... Read more

Steal Windows Product Key Remotely with Metasploit Framework

As discussed previously, we had successfully exploited a windows machine with Metasploit Framework and created an administrator user in targeted machine. Now in this article, we’ll another exploit which steals the Windows Product Key remotely. Read Here: How to Hack... Read more

Use Keylogger in Metasploit Framework

Sometimes a penetration tester may have remote access to a user’s machine, but he may not have the user’s password. Maybe the user has a very long complex password that would just take too long to crack. What could he... Read more

HTML – Questions With Answers – 201 to 225 Questions – SET 9

Q201. What two words should be avoided as link labels on a web page? Answer – “Click here” should be avoided as link labels on a web page. Q202. Fill in the blank: JavaScript is case-_____________. Answer – JavaScript is... Read more

IIS Server Hardening – Banner Grabbing Prevention Techniques

IIS (Internet Information Server) is one of the most powerful web servers from Microsoft that is used to host your Web application. IIS has it’s own Process Engine to handle the request. So, when a request comes from client to... Read more

Advanced Error Based SQL Injection Exploitation – Manually

Previously we exploited a SQL injection vulnerable website with one of the most popular automated tool called as SQLMAP and now in this article, we’ll try to exploit the similar vulnerable website manually with Error based SQL Injection attack. SQL... Read more

Change Windows Password of Remote PC via METASPLOIT

To change windows password, the first step is to hack that system via Metasploit framework and it always depends upon the target OS, like which version your target is using. In this article, we’re assuming that the target OS is... Read more

What we know so far about cryptographic vulnerabilities

Weak or home-grown algorithms A common mistake developers make is to use weak or flawed encryption/hashing algorithms. For example, many developers use md5 or sha1 as their hashing algorithm of choice. Using a md5-signed SSL certificate is not a good... Read more