Socks Proxy Penetration Lab Setup using Microsocks

November 16, 2018

Hello friends!! In our previous article we have disccuss “Web Proxy Penetration Lab Setup Testing using Squid” and today’s article we are going to setup SOCKS Proxy to use it as a Proxy Server on Ubuntu/Debian machines and will try to penetrate it. Table of Content Intoduction to proxy What is socks proxy Difference Between Socks proxy and HTTP Proxy Socks proxy Installation Web Proxy Penetration Testing SSH Proxy Penetration…

Read More >>

Web Proxy Penetration Lab Setup Testing using Squid

November 15, 2018

In this article we are going to setup Squid to use it as a Proxy Server on Ubuntu/Debian machines and will try to penetrate it. Table of content Introduction to Proxy Setting Squid Proxy Installation Squid Proxy Server Configuration Configuring Apache service for Web Proxy Web Proxy Penetration Testing Directory Brute force Attack on Proxy Server Using DIRB Tool Vulnerability Scanning on Proxy Server Using Nikto Tool SQL Injection on…

Read More >>

Comprehensive Guide on Hydra – A Brute Forcing Tool

November 13, 2018

Hello friends!! Today we are going to discuss – How much impactful hydra is in cracking login credential of various protocols to make unauthorized access to a system remotely. In this article we have discussed each option available in hydra to make brute force attack in various scenario.  Table of Content Introduction to hydra Multiple Feature of Hydra Password Guessing For Specific Username Username Guessing For Specific Password Cracking Login…

Read More >>

Matrix: 1 Vulnhub Walkthrough

November 10, 2018

Hello friends! Today we are going to take another boot2root challenge known as Matrix. The credit for making this vm machine goes to “Ajay Verma” and it is another boot2root challenge in which our goal is to get root access to complete the challenge. You can download this VM here. Security Level: Intermediate Flags: There is one flag (flag.txt). Table of contents: Port scanning and IP discovery. Hitting on port…

Read More >>

Hack the Box: Dropzone Walkthrough

November 4, 2018

Today we are going to solve another CTF challenge “Dropzone”. It is a retired vulnerable lab presented by Hack the Box for helping pentester’s to perform online penetration testing according to your experience level; they have a collection of vulnerable labs as challenges, from beginners to Expert level. Level: Expert Task: To find user.txt and root.txt file Note: Since these labs are online available therefore they have a static IP….

Read More >>

Hack the Box: Bounty Walkthrough

October 31, 2018

Today we are going to solve another CTF challenge “Bounty”. It is a retired vulnerable lab presented by Hack the Box for helping pentester’s to perform online penetration testing according to your experience level; they have a collection of vulnerable labs as challenges, from beginners to Expert level. Level: Medium Task: To find user.txt and root.txt file Note: Since these labs are online available therefore they have a static IP. The IP…

Read More >>

Xerosploit- A Man-In-The-Middle Attack Framework

October 30, 2018

Networking is an important platform for an Ethical Hacker to check on, many of the threat can come from the internal network like network sniffing, Arp Spoofing, MITM e.t.c, This article is on Xerosploit which provides advanced MITM attack on your local network to sniff packets, steal password etc. Table of Content Introduction to Xerosploit Man-In-The-Middle Xerosploit Installation PSCAN (Port Scanner) DOS (Denial of service) INJECTHTML (HTML INJECTION) SNIFF dspoof…

Read More >>

Comprehensive Guide on MSFPC

October 30, 2018

Hello Friends!! As you all are aware of MSFvenom-A tool in Kali Linux for generating payload, is also available as MSFvenom Payload Creator (MSFPC) for generating various “basic” Meterpreter payloads via msfvenom. It is fully automating msfvenom & Metasploit is the end goal. MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple types of payloads, based on user’s choice. The idea is to be as simple as possible (only requiring one input) to…

Read More >>

Comprehensive Guide on SearchSploit

October 27, 2018

Hello friends!! Several times you might have read our articles on CTF challenges and other, where we have used searchsploit to find out an exploit if available in its Database. Today in this article we are going to discuss searchsploit in detail. Table of Content Introduction to searchsploit Title Searching Advance Title Searching Copy To Clipboard Copy To Directory Examine an Exploit Examining Nmap result Exploit-DB Online Eliminate Unwanted Results…

Read More >>

Linux Privilege Escalation via Automated Script

October 22, 2018

We all know that, after compromising the victim’s machine we have a low-privileges shell that we want to escalate into a higher-privileged shell and this process is known as Privilege Escalation. Today in this article we will discuss what comes under privilege escalation and how an attacker can identify that low-privileges shell can be escalated to higher-privileged shell. But apart from it, there are some scripts for Linux that may…

Read More >>