Maintaining Access with Web Backdoors [Weevely]

Once a web server and its services have been compromised, it is important to ensure that secure access can be maintained. This is usually accomplished with the aid of a web shell—a small program that provides stealth backdoor access and allows... Read more

Wi-Fi deauthentication attack against 802.11 protocol

A Wi-Fi deauthentication attack is a type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point. The final attack against wireless networks that we’ll evaluate is the denial-of-service attack, where an attacker deprives a... Read more

Bypass Hidden SSID in a Wireless Network [Full Proof Method]

ESSID(Extended Service Set Identifier) is the sequence of characters that uniquely identify a wireless local area network. Hiding the ESSID is a poor method of attempting to achieve security through obscurity; unfortunately, the ESSID can be obtained by: Sniffing the... Read more

Install and Configure TOR in Kali Linux [2017]

Tor ( is an open source implementation of the third generation onion routing that provides free access to an anonymous proxy network. Onion routing enables online anonymity by encrypting user traffic and then transmitting it through a series of onion... Read more

A Brief Overview of Kali Linux Tools

Kali Linux offers a number of customized tools designed for Penetration Testing. Tools are categorized in the following groups as seen in the drop-down menu shown in the following screenshot: Information Gathering: These are Reconnaissance tools used to gather data... Read more

50 questions you need to know about Professional Penetration Testing | FAQ

Those of us who have conducted or participated in a penetration test will understand that tools are not the only thing necessary to successfully complete a PenTest. Methodologies are essential for ensuring that the assessor identifies all vulnerabilities within the... Read more

40 Cyber Security MCQ with Answers and Explanations

The following multiple-choice questions are just a Warm-up Questions for you which are as follows: 1. Why would a hacker use a proxy server? A. To create a stronger connection with the target. B. To create a ghost server on... Read more

[Solution] SSL Handshake Alert Error – Burp Suite

Web Application Proxies like Burp Proxy, WebScarab or Tamper Data Addon allow a security tester to intercept the requests/responses between the client HTTP application and the web server. Proxies are the fundamental for the analysis of the web application. Portswigger... Read more

Denial of Service – Attack | Types | Countermeasures

Internet-facing systems are constantly in danger from a variety of threats. Of these threats is a DoS attack, which involves a single system, or a DDoS attack that involves many distributed systems, as both can disrupt the ability for a server to... Read more

5 Books Considered the “Best Nmap Books Ever Written”

Nmap (Network Mapper) is a security scanner, originally written by Gordon Lyon used to discover hosts and services on a computer network, thus building a “map” of the network. Typical uses of Nmap: Auditing the security of a device or... Read more

Another biggest outbreak – BadRabbit Ransomware Attack

As we all knows WannaCry has demonstrated the world’s vulnerability to ransomware which ultimately left 230,000 residents without power for as long as 6 hours and affects nearly 300,000 systems. But it may also have made unwitting progress towards protecting... Read more

Nmap gets a new look and feel with NMapGUI

NMapGUI is an advanced graphical user interface for NMap network analysis tool. It allows to extend and ease the typical usage of NMap by providen a visual and fast interface with the application. Features of NMapGUI –  Cross-platform (You can... Read more

OWASP Top 10 – RC2 Final Released [A4, A8 and A10] Added

The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to develop, purchase, and maintain applications and APIs that can be trusted. All the OWASP tools, documents, videos and presentations and chapters are free and... Read more

Submit your website to Google Search Engine – Two Ways

There is no doubt that the advent of the Internet has sparked a revolution in how we share information as families, businesses, and world citizens. Perhaps the most important technological invention since the printing press, this one single communication medium... Read more

Use Meta tags to increase traffic from Targeted Countries

A website’s rankings are not going to magically improve. New websites are not going to instantly have thousands of visitors. This is online reality. But there is something you can do about it. Search Engine Optimization (SEO) is a tried and true method... Read more

Top 10 Features – Windows 10 Fall Creators Update (Must See)

Windows 10 is one of the most stable and secured operating system ever released from Microsoft and now this time by 17th October, Microsoft rolled out Windows 10 Fall Creators Update (10 AM P.T) across the world. This new fall... Read more

Krack Attack – Core Protocol Level Attack in WPA2 Wi-Fi Network

WPA2 Protocol is one of the most using protocol for Wireless networks now a days but due to latest research, WPA2 can easily be cracked and the handshake traffic can be manipulated to induce nonce and session key reuse, resulting... Read more

Parameth – a tool for brute discover GET/POST Parameters

Parameth is an open source tool developed by maK- (obviously a l33t name) through which you can easily find GET and POST URLs by a single command. Often when you are busting a directory for common files, you can identify scripts... Read more

List all installed programs, version & path [Windows]

WMIC is the console version of Windows Managament Instrumentation which is available from windows 2000 onwards. By Typing “wmic product get name” will shows you a list of all application names which is installed on your machine. Alternatively, you can... Read more

Find a Website IP with Python2 and Python3 – [5 Examples]

Python is an interpreted, object-oriented, high-level programming language. Python can be ran on almost any OS. While it is not native to Windows machines, it is native to most Linux distributions. The great thing with Python is its flexibility and... Read more