Tutorials

File Upload Exploitation and Its Prevention – Detailed Guide 2018

Well as you all knows that, file upload control is always at major risk for developers because there are N number of ways to bypass this control and an attacker can easily upload any malicious file to the server. Once the malicious file got uploaded to server, an attacker can easily gain the control of […]

Tutorials

Pentesting Windows 2000/2003 Server with Metasploit Framework – Detailed Tutorial

This is a very detailed step by step tutorial on How to pentest a Remote PC (Windows 2000/2003 server) with Metasploit Framework. We’ve used Kali Linux 2017.1 and Windows 2000 server in a virtual environment (VMware Workstation). The ease of pen testing is scary and readers, sysadmins are advised to update their Windows 2000/2003 server […]

Tutorials

DKMC – Another Wonderful Malicious Payload Evasion Tool (Windows Hacking)

Windows would be one of our common targets, since it is the most used operating system in the corporate environment. Since most of you are familiar with Windows, it would be easy to enumerate it. Our main goal is to generate a malicious payload with the help of DKMC (Don’t kill my cat) which is […]

Tutorials

MSFvenom Payload Creator (MSFPC) – Installation and Usage

With the help of MSFPC, you can quickly generate the payload based on msfvenom module which is a part of Metasploit Framework. So MSFvenom Payload Creator is a simple wrapper to generate multiple types of payloads like APK(.apk), ASP(.asp), ASPX(.aspx), BASH(.sh), Java(.jsp), Linux(.elf), OSX(.macho), Perl(.pl), PHP(.php), Powershell(.ps1), Python(.py), Tomcat(.war) and Windows(.exe/.dll). The only necessary input […]

Tech Articles

Meterpreter Commands in Detail 2017 – Metasploit Framework

After a successful exploit a Meterpreter shell allows you to perform many different functions along with a full remote shell. Meterpreter is great for manipulating a system once you get a remote connection, so depending on what your goals are; a Meterpreter shell is usually preferred to a straight remote terminal shell. Meterpreter gives us […]

Tutorials

Creating an undetectable payload using Veil-Evasion Toolkit

In previous tutorials, we used msfvenom for generating various payloads but now a days AV companies coded a signature for the templates these schemes uses so to bypass AV, today we’ll use another framework called as Veil-Evasion Framework. Veil-Evasion is a tool designed to generate metasploit payloads that bypass common Anti-Virus solutions. To install Veil-Evasion, […]

Tech Articles

MSFVENOM – All payload examples – Cheatsheet 2017

Msfvenom is a Metasploit Standalone Payload Generator which is a replacement of msfpayload and msfencode. Through msfvenom, you can generate any kind of shellcode/payload depending upon the platform/OS you want to hack. Often one of the most useful abilities of Metasploit is the msfvenom module. Multiple payloads can be created with this module and it […]

Tech Articles

Meterpreter Useful Top 60 Commands List – 2017 Update

Meterpreter is an advanced, dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime. It communicates over the stager socket and provides a comprehensive client-side Ruby API. How Meterpreter Works The target executes the initial stager. This is usually one of bind, reverse, findtag, passivex, etc. The stager […]

Tutorials

Generate 100% FUD Backdoor with TheFatRat – Windows 10 Exploitation

As you all knows, Windows 10 is the latest edition of Microsoft having great security features but what if someone send a trojan/virus/backdoor/payload which is 100% FUD (Fully Undetectable) ? So basically, with the help of TheFatRat, you can easily develop a Trojan or backdoor and perform various post exploitation methods like Browser Hijacking, DDL […]