Computers have become a ubiquitous part of our daily lives. Understanding computer basics is essential for anyone who uses a computer, whether it is for personal or professional use. By understanding the fundamental…
Read more
In a previous tutorial, we successfully exploited the ShellShock Vulnerability with Metasploit Framework and Burp Suite. And in this article we’ll gonna exploit the same vulnerability with BeEF Framework which is one of…
Read more
This is an exercise from PentesterLab to reproduce & demonstrate how to exploit CVE-2014-6271 [ShellShock Vulnerability]. Download Vulnerable ISO – https://www.pentesterlab.com/exercises/cve-2014-6271 Size: 19 MB OS Type: Linux A flaw was found in the way…
Read more
Question 142. Which of the following is often one of the most overlooked areas of security? A. Operational B. Technical C. Internet D. Physical Answer 142. Option D. Explanation: Physical security is one…
Read more
Question 95. What is the Ping of Death? A. Sending packets that, when reassembled, are too large for the system to understand B. Sending very large packets that cause a buffer overflow C….
Read more
Question 48. What is the process of hiding text within an image called? A. Steganography B. Encryption C. Spyware D. Keystroke logging Answer 48. Option A. Explanation: Steganography is the process of hiding…
Read more
Question 1. Which of the following statements best describes a white-hat hacker? A. Security professional B. Former black hat C. Former grey hat D. Malicious hacker Answer 1. Option A. Explanation: A white-hat…
Read more
In a previous article, we have described the ShellShock vulnerability and in this article we show how to exploit this vulnerability using the BadBash Script. BadBash is a CVE-2014-6271 RCE exploit tool. The…
Read more
In a previous tutorial, we used Metasploit Framework to gain a low-level shell through meterpreter on the target system (Metasploitable2 Machine) by exploiting the ShellShock vulnerability. But that low level shell is not…
Read more
SEO is undeniably one of the most popular concepts online, gaining attention from experts, developers, website owners, brand, and companies. As website owners strive to be noticed online by the right kind of…
Read more
In a previous tutorial, we used Metasploit Framework to gain a low-level shell on the target system by exploiting the ShellShock vulnerability. The same can also be done by sending a HTTP Request…
Read more
Previously we’ve well explained the Heartbleed Vulnerability which already created so much havoc and now we’ll show you a live exploitation of ShellShock Vulnerability (CVE-2014-6271) with Metasploit Framework. ShellShock Vulnerability also called Bash…
Read more
WaveBox is one of the best Email Client for especially Linux distributions but also comes for Windows OS and MacOS which bringing Gmail, Hotmail, Inbox, Outlook etc into a configurable client. Wavebox is built…
Read more
Netstat is truly a very overlooked tool for network troubleshooting so I believe that it would be beneficial to post all of the switches and options available with NETSTAT. Netstat displays protocol statistics…
Read more
Kali Linux is a Linux-based penetration testing arsenal that aids security professionals in performing assessments in a purely native environment dedicated to hacking. Kali Linux is a distribution based on the Debian GNU/Linux…
Read more
WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access…
Read more
Headers and methods work together to determine what clients and servers do. This article quickly sketches the purposes of the standard HTTP headers and some headers that are not explicitly defined in the…
Read more
HTTP status codes are classified into 5 broad categories. The status codes provide an easy way for clients to understand the results of their transactions. As methods tell the server what to do,…
Read more
Regardless of whether you are reading a packet capture from a stored file or from a live interface on a Windows or Linux host, Wireshark’s analysis features are nearly identical. Wireshark offers many useful…
Read more
RSS (Rich Site Summary; originally RDF Site Summary; often called Really Simple Syndication) is a type of web feed which allows users to access updates to online content in a standardized, computer-readable format….
Read more
Phishing has emerged as an effective method to steal the personal and confidential data of users. It is an Internet scam that tricks users into divulging their personal and confidential information by making…
Read more
With the help of Seeker which is an open source python script, you can easily find the geolocation of any device with high accuracy along with device information like Resolution, OS Name, Browser,…
Read more