Command & Control: Ares

April 16, 2019

In this article, we will learn how to use Ares tool. This tool performs the Command and Control over the Web Interface. This tool can be found on GitHub. Table of Content: Introduction Installation Exploiting Target Command Execution Capturing Screenshot File Download Compressing Files Persistence Agent Clean Up Introduction                                                                                                                                                  Ares is a Python Remote Access Tool. Ares is made of two main programs: A Command & Control server, which is…

Read More >>

Command and Control with DropboxC2

April 12, 2019

In this article, we will learn how to use DropboxC2 tool. It is also known as DBC2. Table of Content: Introduction Installation Getting Dropbox API Exploiting Target Sniffing Clipboard Capturing Screenshot Command Execution File Download Introduction                               DBC2 is primarily a tool for post-exploitation. It has an agent running on the target’s machine, a controller, running on…

Read More >>

Beginner’s Guide to Nessus

April 8, 2019

In this article, we will learn about Nessus which is a network vulnerability scanner. There are various network vulnerability scanners but Nessus is one of the best because of its most successful GUI. Therefore, it is widely used in multiple organizations. The tools were developed by Renuad Deraison in the year 1998. Table of Content Introduction to Nessus Linux Installation Running Vulnerability Scans Windows Installation Introduction to Nessus Nessus is…

Read More >>

dnscat2: Command and Control over the DNS

April 2, 2019

In this article, we learn DNS tunnelling through an amazing tool i.e. DNScat2 Table of Content : Introduction to DNS Introduction to DNScat Installation DNS tunnelling Conclusion Introduction to DNS The Domain Name System (DNS) associate’s URLs with their IP address. With DNS, it’s conceivable to type words rather than a series of numbers into a browser, enabling individuals to look for sites and send messages utilizing commonplace names. When…

Read More >>

Threat Detection for your Network using Kfsensor Honeypot

March 30, 2019

In this article, however, we will set up a framework to draw in attacker so we can catch or study them. Since almost the majority of the attackers around the globe are focusing on Windows servers for the various of their known defects and vulnerabilities, we will set up a Windows framework to do only that. we will set up a honeypot. In the event that you abandon it ready…

Read More >>

Empire GUI: Graphical Interface to the Empire Post-Exploitation Framework

March 27, 2019

This is our 8th post in the series of the empire which covers how to use empire as GUI. Empire has a great GUI mechanism, but it’s still developing as it has been released just a while back. For empire GUI to work, we need to download all of its dependencies and this is where it gets a bit complicated. So, first of all, we will download the beta 3.0…

Read More >>

Command & Control: Silenttrinity Post-Exploitation Agent

March 21, 2019

In this article, we will learn to use Silent Trinity tool to exploit windows. Table of content: Introduction Installation Windows exploitation Windows post exploitation Silent trinity to meterpreter Introduction Silent trinity is a command and control tool dedicated to windows. It is developed by byt3bl33d3r in python, iron python, C# and .net. as it is windows dedicated tool, C# was but obvious choice as it has a direct access .NET…

Read More >>

OSX Exploitation with Powershell Empire

March 21, 2019

This article is another post in the empire series. In this article, we will learn OSX Penetration testing using empire. Table of Content Exploiting MAC Post Exploitation Phishing Privilege Escalation Sniffing Exploiting MAC Here I’m considering you know PowerShell Empire’s basics, therefore, we will create the listener first using the following commands: uselistener http set Host http://192.168.1.26 execute Executing the above commands will start up the listener as shown in…

Read More >>

Command & Control Tool: Pupy

March 19, 2019

In this article, we will learn to exploit Windows, Linux and Android with pupy command and control tool. Table of Content : Introduction Installation Windows Exploitation Windows Post Exploitation Linux Exploitation Linux Post Exploitation Android Exploitation Android Post Exploitation Introduction Pupy is a cross-platform, post exploitation tool as well as a multi-function RAT. It’s written in python which makes it very convenient. It also has low detectability that’s why it’s…

Read More >>

Web Developer: 1: Vulnhub Lab Walkthrough

March 14, 2019

Hello friends! Today we are going to take another boot2root challenge known as “Web Developer: 1”. The credit for making this VM machine goes to “Fred Wemeijer” and it is another boot2root challenge in which our goal is to get root access to complete the challenge. You can download this VM here. Security Level: Intermediate Penetrating Methodology: IP Discovery using netdiscover Network scanning (Nmap) Surfing HTTP service port Enumerating directories…

Read More >>