Linux System Reconnaissance [Top Linux Commands]

In the early 90’s GNU/Linux systems consisted of little more than a beta – quality Linux kernel and a small collection of software ported from the GNU project. It was a true hacker’s operating system. There were no CD?ROM’s or GUI... Read more

Report Bulk Malicious URLs to Windows Defender Security Intelligence (WDSI)

Windows Defender Security Intelligence (WDSI), formerly known as Microsoft Malware Protection Center (MMPC), is committed to helping Microsoft customers. With Windows Defender Security Intelligence (WDSI) you can explore in-depth threat encyclopedia for information about threat types and other specific malwares.... Read more

Drupal 7 Exploitation with Metasploit Framework [SQL Injection]

Drupal 7 includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks. A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution.... Read more

File Recovery using Foremost [Kali Linux]

Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files, such as those generated by dd, Safeback, Encase,... Read more

Post Exploitation with PowerShell Empire 2.3.0 [Detailed Tutorial]

The post exploitation phase begins after you have compromised one or more systems but you’re not even close to being done yet. Post exploitation is always a critical component in any penetration test. This is where you differentiate yourself from... Read more

20 Basic Computer Questions With Answers

Computers have become a ubiquitous part of our daily lives. Understanding computer basics is essential for anyone who uses a computer, whether it is for personal or professional use. By understanding the fundamental concepts of computing, users can make the... Read more

ShellShock and BeEF Framework – Exploitation Tutorial

In a previous tutorial, we successfully exploited the ShellShock Vulnerability with Metasploit Framework and Burp Suite. And in this article we’ll gonna exploit the same vulnerability with BeEF Framework which is one of the most popular Browser Exploitation Framework but... Read more

ShellShock Exploitation with BurpSuite [PentesterLab] – CVE-2014-6271

This is an exercise from PentesterLab to reproduce & demonstrate how to exploit CVE-2014-6271 [ShellShock Vulnerability]. Download Vulnerable ISO – Size: 19 MB OS Type: Linux A flaw was found in the way Bash evaluated certain specially crafted environment variables.... Read more

Cyber Security And Ethical hacking – MCQ With Answers – Part 4

Question 142. Which of the following is often one of the most overlooked areas of security? A. Operational B. Technical C. Internet D. Physical Answer 142. Option D. Explanation: Physical security is one of the most overlooked areas of security.... Read more

Cyber Security And Ethical hacking – MCQ With Answers – Part 3

Question 95. What is the Ping of Death? A. Sending packets that, when reassembled, are too large for the system to understand B. Sending very large packets that cause a buffer overflow C. Sending packets very quickly to fill up... Read more

Cyber Security And Ethical hacking – MCQ With Answers – Part 2

Question 48. What is the process of hiding text within an image called? A. Steganography B. Encryption C. Spyware D. Keystroke logging Answer 48. Option A. Explanation: Steganography is the process of hiding text within an image. Question 49. What... Read more

Cyber Security And Ethical hacking – MCQ With Answers – Part 1

Question 1. Which of the following statements best describes a white-hat hacker? A. Security professional B. Former black hat C. Former grey hat D. Malicious hacker Answer 1. Option A. Explanation: A white-hat hacker is a “good” guy who uses... Read more

Exploitation of ShellShock Vulnerability with BadBash Tool

In a previous article, we have described the ShellShock vulnerability and in this article we show how to exploit this vulnerability using the BadBash Script. BadBash is a CVE-2014-6271 RCE exploit tool. The basic version only checks for the HTTP... Read more

Linux Privilege Escalation With Kernel Exploit – [8572.c]

In a previous tutorial, we used Metasploit Framework to gain a low-level shell through meterpreter on the target system (Metasploitable2 Machine) by exploiting the ShellShock vulnerability. But that low level shell is not root shell, it means you can’t run... Read more

10 SEO tools all small businesses need in 2018

SEO is undeniably one of the most popular concepts online, gaining attention from experts, developers, website owners, brand, and companies. As website owners strive to be noticed online by the right kind of audience, SEO’s best practices keep changing, not... Read more

ShellShock Vulnerability Exploitation With HTTP Request

In a previous tutorial, we used Metasploit Framework to gain a low-level shell on the target system by exploiting the ShellShock vulnerability. The same can also be done by sending a HTTP Request with Wget and Curl. In order to... Read more

ShellShock Vulnerability Exploitation With Metasploit Framework

Previously we’ve well explained the Heartbleed Vulnerability which already created so much havoc and now we’ll show you a live exploitation of ShellShock Vulnerability (CVE-2014-6271) with Metasploit Framework. ShellShock Vulnerability also called Bash Bug Vulnerability which already affects thousands of... Read more

How To Install WaveBox in Kali Linux – [Email Client]

WaveBox is one of the best Email Client for especially Linux distributions but also comes for Windows OS and MacOS which bringing Gmail, Hotmail, Inbox, Outlook etc into a configurable client. Wavebox is built using Electron, React and Flux and supports... Read more

10 Cool Netstat Commands You Need to Know

Netstat is truly a very overlooked tool for network troubleshooting so I believe that it would be beneficial to post all of the switches and options available with NETSTAT. Netstat displays protocol statistics and current TCP/IP network connections. Netstat can... Read more