Tutorials

Linux System Reconnaissance [Top Linux Commands]

In the early 90’s GNU/Linux systems consisted of little more than a beta – quality Linux kernel and a small collection of software ported from the GNU project. It was a true hacker’s operating system. There were no CD?ROM’s or GUI installation tools; everything had to be compiled and configured by the end user. Like all […]

Tutorials

Report Bulk Malicious URLs to Windows Defender Security Intelligence (WDSI)

Windows Defender Security Intelligence (WDSI), formerly known as Microsoft Malware Protection Center (MMPC), is committed to helping Microsoft customers. With Windows Defender Security Intelligence (WDSI) you can explore in-depth threat encyclopedia for information about threat types and other specific malwares. With WDSI, you can even submit any malicious file for malware analysis where microsoft researchers […]

Tutorials

File Recovery using Foremost [Kali Linux]

Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc, or directly on a drive. The headers and footers can be specified by a […]

Tutorials

ShellShock and BeEF Framework – Exploitation Tutorial

In a previous tutorial, we successfully exploited the ShellShock Vulnerability with Metasploit Framework and Burp Suite. And in this article we’ll gonna exploit the same vulnerability with BeEF Framework which is one of the most popular Browser Exploitation Framework but it is not actively maintained by the developers. BeEF allows the professional penetration tester to […]

Tutorials

ShellShock Exploitation with BurpSuite [PentesterLab] – CVE-2014-6271

This is an exercise from PentesterLab to reproduce & demonstrate how to exploit CVE-2014-6271 [ShellShock Vulnerability]. Download Vulnerable ISO – https://www.pentesterlab.com/exercises/cve-2014-6271 Size: 19 MB OS Type: Linux A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell […]