Hiding Shell using PrependMigrate -Metasploit

In this article, you will get to know about the strength of mfsvenom along with PrependMigrate. You will also learn how to migrate the created payload into processes currently running on the targeted machine so, the victim unable to find the malicious file. It is very important to migrate your backdoor payload because if the target is alerted and decides to take measures to kill the process then, your session…

December 13, 2019
Read More >>

Multiple Ways to Install Kali

In this article, we will learn how to open the magic box of ethical hacking. Can you guess the name of that box? Ok, I tell you the name is KALI the magic box of ethical hacking. Through this article, you will learn the installation of Kali  Linux on different platforms along with the features. Table of Content Introduction of kali Linux Features of kali Linux Prerequsities for kali Linux…

December 10, 2019
Read More >>

In Plain Sight:1: Vulnhub Walkthrough

December 8, 2019

In today’s article we will face an Intermediate challenge. Introducing the In Plain Sight:1 virtual machine, created by “bzyo_” and is available on Vulnhub. This is another Capture the Flag challenge where we have to escalate privileges to find the root flag to complete the challenge. Since these labs are available on the Vulnhub Website. We will be downloading the lab file from this link. Penetration Testing Methodology Network Scanning…

Read More >>

Windows for Pentester: Certutil

In this article, we are going to describe the utility of Certutil tool and how vital it is in Windows Penetration Testing. TL; DR Certutil is a preinstalled tool on Windows OS that can be used to download malicious files and evade Antivirus. It is one of the Living Off Land (LOL) Binaries. Disclaimer The main objective of publishing the series of “Windows for Pentester” is to introduce the circumstances…

December 3, 2019
Read More >>

Web Application Pentest Lab Setup on AWS

Isn’t it going to be nice if you can reach your pen-testing lab from all over the world? As we all know, this is a digital age that makes life easier than our expectations, thus anyone can access their information/data from the cloud. Similarly, a Pentester can design its pen-testing environment for the vulnerable machine on the cloud that can be accessed from anywhere. AWS is probably the most popular…

December 3, 2019
Read More >>

Linux Privilege Escalation using Capabilities

In this article, we will discuss the mechanism of “capability” and Privilege escalation by abusing it. As we know when the system creates a work context for each user where they achieve their tasks with the privileges that are assigned to them. So, to provide some specific functionalities, it is necessary for a non-privileged user to sometimes temporarily acquire a superuser profile to perform a specific task. This functionality mainly…

November 30, 2019
Read More >>

HA: Dhanush Vulnhub Walkthrough

Today we are going to solve our Boot to Root challenge called “HA Dhanush”. We have developed this lab for the purpose of online penetration practices. It is based on the weapon that was part of all the wars in medieval times. The Bow and Arrow. As the lab is titled Dhanush. Some information about Indian Mythology and Bows might help. Let’s Solve it!! Download Here Level: Intermediate Task: To…

November 28, 2019
Read More >>

HA: Chanakya Vulnhub Walkthrough

Today we are going to solve our Boot to Root challenge called “HA Chanakya”. We have developed this lab for the purpose of online penetration practices. It is based on the Mastermind that took down kingdoms, one and only Chanakya. Let’s Solve it!! Download Here Level: Intermediate Task: To Enumerate the Target Machine and Get the Root Access. Penetration Methodologies Network Scanning Netdiscover Nmap Scan Enumeration Browsing HTTP Service Getting…

November 27, 2019
Read More >>

djinn:1 Vulnhub Walkthrough

November 27, 2019

Hello guys, today we will face an Intermediate challenge. Introducing the djinn: 1 virtual machine, created by “0xmzfr” and available on Vulnhub. This is another Capture the Flag Style Challenge where we have to escalate privileges to the “root user” and find 2 flags to complete the challenge. Since these labs are available on the Vulnhub Website. We will be downloading the lab file from this link. Penetration Methodologies: Network…

Read More >>

Linux for Pentester: Perl Privilege Escalation

Here we are again coming back with one of very essential command i.e. “Perl”. As we know Perl has it’s significant in the era of programming language specially designed for text editing. Apart from all of this, now it is also very prominent for a variety of purposes including Linux system administration, network programming, web development, etc. So keeping this fact into our mind we will proceed to this article…

November 26, 2019
Read More >>