Articles related to Penetration Testing
Kali Linux WiFi Adapter in India Here is a list of Kali Linux WiFi adapter that support all WiFi penetration testing requirements for network/wifi perimeter testing. Updated March 2020 So far, Kali Linux has been one of the most widely used penetration testing OS of all time. It is packed with Ultimate weapons which can…
In the previous post, I explained how to use metasploit and establish a reverse TCP connection from outside the LAN without port forwarding. So a lot of our readers asked about using ngrok with Koadic (well, most of the users around the world are still using Windows and Koadic is one of the best weapons…
Metasploit is one of the best security testing frameworks that helps pen-testers do more than just detecting issues and sniping down the vulnerabilities; it also gears up and arms the defenders to always stay one or two steps ahead of the game. Metasploit Framework is a collection of tools for generating and running exploit codes…
ReelPhish – Defeating Two Factor Authentication using Real Time Phishing Attack Social Engineering Human Beings and their vulnerabilities have always been one of the loop holes in IT security. Even though the technology; software, networks and hardware, have hardened, attackers are using common people, exploiting the lack of their knowledge to get what they want….
A 17 year old Vulnerability in Microsoft Word was disclosed recently tracked by CVE-2017-11882 which affected the major versions of Microsoft Office – Microsoft Office 2007 SP 3, Microsoft Office 2010 SP 2, Microsoft Office 2013 SP 1, and Microsoft Office 2016. This vulnerability allows attackers to run remote codes with the privileges of the…
What is OWASP? OWASP or Open Web Application Security Project is an unbiased open source community focusing on improving the security of web applications and software. OWASP, formed as wide group of like minded people has now grown and provide free information about the flaws and application security to developers, corporations and universities world wide. All…
Information Security Consulting company TrustedSec has announced a HTTP(s) command and control (C2) Open Source Framework dubbed TrevorC2. This is a client-server model for masking out Command and Control using a normally browsable website. Detection of this much difficult because the time intervals are different and it does not use POST requests for data extraction….
WiFi and WPA Now a days, every offices, houses, hotels, parks, hospitals, almost everywhere there is wifi. But the real question is, are they secure?If your wireless access point is not properly secured, people from other houses, offices or nearby buildings can gain access to it. People who are able to connect to your wireless…
A new tool – BLEAH which is used for attacking Bluetooth Low Energy devices is now available for download in evilsocket repository. This can be used for perform sniffing and man in the middle attack. What makes BLE Vulnerable? Bluetooth was initially designed for continuous, streaming of data packets to and from devices which enables…
Kali Linux has been one of the best penetration testing OS of all time. During April 2017, Kali Linux 2017.1 rolling was released and the popular distro came up with a set of significant updates and features which include Support for RTL8812AU Wireless Card Injection, Support for CUDA GPU Cracking, Amazon AWS and Microsoft Azure Availability…
Interested in WiFi? In this post, I will explain how I made a WiFi station that can give you access to far away WiFi networks from your home. Before continuing, you should have a clear idea on WiFi Networks, Working of a Wireless Router and WiFi Security. Click on this link if you would like…
A critical vulnerability that could completely compromise an apache struts web server was reported by a research team at LGTM (tracked as CVE-2017-9805 ( S2-052 )). Successful exploitation of this vulnerability could lead to RCE (Remote Code Execution), taking full control over the server and a failed attempt can lead to Denial of Service.