Tutorials

Send Fake Mail using SETOOLKIT [Kali Linux]

The information security environment has changed vastly over the years. Now, in spite of having security policies, compliance, and infrastructure security elements such as firewalls, IDS/IPS, proxies, and honey pots deployed inside every organization, we hear news about how hackers compromise secured facilities of the government or of private organizations because of the human element involved in each […]

Tutorials

Sniff HTTP Post Data with Wireshark

Wireshark is a graphical network protocol analyzer that lets us take a deep dive into the individual packets moving around the network. Wireshark can be used to capture Ethernet, wireless, Bluetooth, and many other kinds of traffic. It can decode different protocols that it sees, so you could, for instance, reconstruct the audio of Voice […]

Tutorials

Host Header Attack – Practical Exploitation and Prevention

The “HOST” header is part of the http protocol, vulnerable applications are vulnerable because they insert the value of this header into the application code without proper validation, this means not only applications hosted on Apache/Nginx can be vulnerable. For Host Header Attack Exploitation, basically there are two ways through which you can exploit the […]

Tutorials

Sniffing with Rogue Access Point [DNSMASQ and TCPFLOW]

Wireless networking is a complex field.With countless standards, protocols, and implementations, it is not uncommon for administrators to encounter configuration issues that require sophisticated troubleshooting and analysis mechanisms. Traditional network sniffing on an Ethernet network is fairly easy to set up. In a shared environment, an analysis workstation running Wireshark starts a new packet capture, which config u res […]

Tutorials

Live Packet Sniffing with Python [Search][Post Data]

A sniffer is a program that monitors data traveling over a network. Unauthorized sniffers are dangerous to network security because they are difficult to detect and can be inserted almost anywhere, which makes them a favorite weapon of hackers. When used by malicious individuals, sniffers can represent a significant threat to the security of a […]

Tutorials

Print Fibonacci Series in PHP [Code]

Fibonacci Series is a series of numbers in which each number (Fibonacci number) is the sum of the two preceding numbers. The simplest is the series 1, 1, 2, 3, 5, 8, 13, 21, 34, 55, 89, 144 etc. As seems that, the first two numbers in this sequence are either 1 and 1 or […]

Tutorials

Develop Secure PHP Applications with PDO Statements

The PHP Data Objects (PDO) extension defines a lightweight, consistent interface for accessing databases in PHP. Each database driver that implements the PDO interface can expose database-specific features as regular extension functions. Note that you cannot perform any database functions using the PDO extension by itself; you must use a database-specific PDO driver to access […]

Tutorials

Ultimate phishing tool with Ngrok [SocialFish]

SocialFish is an open source tool through which you can easily create a phishing page of most popular websites like Facebook/Twitter/Github etc and can even be integrated with NGROK which is an another open source tunnel service which forward your localhost URL to some public DNS URL. Ngrok also provides a real-time web UI where […]

Tutorials

Exploitation of EternalBlue DoublePulsar [Windows 7 – 64bit] with Metasploit Framework

EternalBlue Metasploit exploits a vulnerability in Microsoft’s implementation of the Server Message Block (SMB) protocol. The vulnerability exists because the SMB version 1 (SMBv1) server in various versions of Microsoft Windows mishandles specially crafted packets from remote attackers, allowing them to execute arbitrary code on the target computer. According to NSA formal employees, EternalBlue was […]