How to Pivot from Victim System to Owning the Network with Metasploit

To own a network and retrieve the key data, we only need to find ONE weak link in the network. It makes little sense to beat our heads against heavily fortified systems like the file and database server when we … Continue reading

Tutorial: Crack Private and Public SNMP Passwords Using Onesixtyone on Kali

In a recent tutorial, I showed how the SNMP protocol can be a gold mine of information for reconnaissance on a potential target. If you haven’t already, I strongly suggest that you read it before progressing here, as little of … Continue reading

Using Netdiscover & ARP to Find LAN IP and MAC Addresses

Quite often, people will ask me where they should start in Hacking. Oh my gosh! There are soooo many topics, subjects, ideas, things to memorize, things to mess with, etc… It is much too difficult to tell someone where to … Continue reading

Kali Linux: Goohost.sh extracts Hosts, IPs, or Email from Google

Goohost is a simple shell script written by Watakushi that extracts hosts/subdomains, ip or emails for a specific domain with Google search. Installation First create a directory for the installation $ mkdir -p /pentest/enumeration/google/goohost/ Then download the tool and make … Continue reading

Wordlists for Password Cracking and Other Brute Force Resources

Brute Forcing and Dictionary Attacks are two methods of getting the same result, a password. Dictionary Cracking can mostly rely on the quality of your word list. Quite often, I have people ask me where they can get wordlists. It … Continue reading

How To Hack: Kali Linux Router Password Hack Using Medusa

Medusa is described as a “speedy, massively parallel, modular, login brute-forcer” with modules available to support almost any service that allows remote authentication using a password, including: CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, POP3, PostgreSQL, SMTP-AUTH, Telnet and VNC. Medusa … Continue reading

How To Bypass Antivirus Detection – Making An Executable FUD

So in this tutorial we will show you step by step on how to make a virus Fully Undetectable from all the antiviruses. Their are lots of approaches, however here we will take a look at how to make an executable FUD … Continue reading

Tutorial: MDK3 – Network Traffic Disruption

Today, we are going to go over some options with the tool MDK3, however it has to be said that the use of these options can wreak havoc on wireless networks and should be used with caution ! And of … Continue reading

Tutorial: theHarvester – Collect a Company’s Email Addresses, Subdomains, Related Servers

The information gathering steps of footprinting and scanning are of utmost importance. Good information gathering can make the difference between a successful penetration test and one that has failed to provide maximum benefit to the client. We can say that … Continue reading

Mimikatz: Windows Powershell Script for Dumping Local and Domain Passwords

clymb3r recently posted a script called “Invoke-Mimikatz.ps1” basically what this does is reflectively injects mimikatz into memory, calls for all the logonPasswords and exits. It even checks the targets architecture (x86/x64) first and injects the correct DLL. This is really … Continue reading

How To Hack: Creating an iOS7 Application Pentesting Environment

Now that you have your shiny new Evasion7 jailbreak running it’s time to set up the environment for application testing! Getting in Since mobile substrate is not working yet we will focus on getting our idevice up and running as … Continue reading

How To Hack: Exploit SNMP for Reconnaissance

The more we know about a system or network, the better our chances of owning it and not leaving a trace for investigators to follow. One of the often overlooked sources for information is the Simple Network Management Protocol (SNMP). … Continue reading

How to Hack: Snatch the Sysadmin Password from Remote Desktop Protocol (RDP)

One of the keys to becoming a professional and successful hacker is to think creatively. There is always a way to get into any network or system, if you think creatively. In previous tutorials, I have demonstrated ways to crack … Continue reading

Kali Linux on Android Using Linux Deploy

Kali Linux on any Android Phone or Tablet Getting Kali Linux to run on ARM hardware has been a major goal since day one. So far, there have been native images built for the Samsung Chromebook, Odroid U2, Raspberry Pi, … Continue reading

All About Dos Attacks – Hacking Tutorials And Lessons

The effects of a ping flood attack A person can get all excited when they learned to ping flood (Denial of Service) someone for the first time. The thought of having the power to slow someone’s network speed down might … Continue reading

How To Hack: Change the Signature of Payloads to Evade Antivirus

I’ve written several listener guides on creating a malicious PDF or malicious Word document that would carry in it a payload with the Meterpreter, or reverse shell enabling you to own the system. One of the hurdles to using these … Continue reading

Wireless Security: Everything you ever needed to know about Wifi Hacking

The following is a very thorough and concise overview of Wifi Security. I think it will be very important for my fellow Security Hacker / Pen Testers to have this knowledge stored away somewhere in the back of their head. … Continue reading

Hacking Tricks: LANs.py – Packet Parsing/Injecting ARP Poisoner

LANs.py: (Download at Github) Individually poisons the ARP tables of the target box, the router and the DNS server if necessary. Does not poison anyone else on the network. Displays all most the interesting bits of their traffic and can … Continue reading

Hacking Wifi: Cracking WEP with Kali Linux

Today, we commonly find wireless networks around us. Most wireless networks are encrypted using WEP or WPA encryption methods. I was recently looking around my site and realized that I had not ever posted a how-to on easily cracking WEP. … Continue reading