Hello Everyone, this is the final VM from the kioptrix series and to be frank, I enjoyed it the most(I was frustrated though). Download:https://www.vulnhub.com/entry/kioptrix-level-13-4,25/ As usual getting the IP was the first thing. Netdiscover plays the trick. After getting IP I scanned with nmap. netdiscover -r 10.0.2.0/24 Here port 80 is open so I scanned … Continue reading Kioptrix 1.3(#4) Walkthrough

Hello Everyone, this walkthrough is of 3rd series of Kioptrix VM. You can download it from here. After installing it, you need to edit your host file and point the IP to kioptrix3.com. In linux, you can edit using cat /etc/hosts. As usual, I started with: #netdiscover -r 10.0.2.0/24 Ok so I got my target … Continue reading Kioptrix 1.2(#3) walkthrough

Hello Everyone, the previous post was walkthrough of level 1 of Kioptrix series. In this blog, I am going to post walkthrough of Kioptrix 1.1 which is 2nd in the series. So without wasting our time, let’s get started. Just like the last machine, I was being greeted by this login page. First work was … Continue reading Kioptrix 1.1(#2) Walkthrough

Kioptrix is one of the best series for those who are trying to make their way for Penetration Testing. Even it is recommended for a lot of certification including OSCP. This walkthrough is of Kioptrix 1 Download:https://www.vulnhub.com/entry/kioptrix-level-1-1,22/ I was using Vbox and I faced some problem during installation of Kioptrix on VBox.I followed these steps … Continue reading Kioptrix 1 Walkthrough

Blog – Manish Bhardwaj Blog – Manish Bhardwaj https://manishbhardwajblog.wordpress.com CySecBot CySecBot

Netcat(popularly known as NC) is feature-rich network debugging and investigation tool with tons of built-in capabilities for reading from and writing to network connections using TCP or UDP. Its Plethora of features includes port listening, port scanning & Transferring files due to which it is often used by Hackers and PenTesters as Backdoor. Netcat was … Continue reading Netcat-TCP/IP Swiss Army Knife.

  The advantage of Nmap Scripting Engine (NSE) is that it adds a lot of automated features in nmap to automate a wide variety of networking tasks.Here in this post I am using some of the most commonly used NSE scripts for Penetration Testers. 1.–script http-enum It performs Brute Force on a server path in … Continue reading Top 10 nmap NSE scripts for PenTesters.

What is SSH??? SSH, also known as Secure Socket Shell, is a network protocol that provides administrators with a secure way to access a remote computer.The best known example application is for remote login to computer systems by users. Here with the help of Metasploit and Medusa,I tried to get the Password of SSH.   … Continue reading Attacking SSH with Metasploit and Medusa.

Enumeration is the very first key step to hack/pen Test any vulnerable Target. In today’s blog, we are going to enumerate the Metasploitable 2 machine.For this, we are going to use some commands like Netdiscover, Nmap,rpcclient & enum4linux. In this part of the Metasploitable 2 enumeration tutorial, we will be enumerating the running services, accounts and perform … Continue reading MetaSploitable 2 Enumeration