Articles related to Penetration Testing
Information Security Consulting company TrustedSec has announced a HTTP(s) command and control (C2) Open Source Framework dubbed TrevorC2. This is a client-server model for masking out Command and Control using a normally browsable website. Detection of this much difficult because the time intervals are different and it does not use POST requests for data extraction….
WiFi and WPA Now a days, every offices, houses, hotels, parks, hospitals, almost everywhere there is wifi. But the real question is, are they secure?If your wireless access point is not properly secured, people from other houses, offices or nearby buildings can gain access to it. People who are able to connect to your wireless…
A new tool – BLEAH which is used for attacking Bluetooth Low Energy devices is now available for download in evilsocket repository. This can be used for perform sniffing and man in the middle attack. What makes BLE Vulnerable? Bluetooth was initially designed for continuous, streaming of data packets to and from devices which enables…
Kali Linux has been one of the best penetration testing OS of all time. During April 2017, Kali Linux 2017.1 rolling was released and the popular distro came up with a set of significant updates and features which include Support for RTL8812AU Wireless Card Injection, Support for CUDA GPU Cracking, Amazon AWS and Microsoft Azure Availability…
Interested in WiFi? In this post, I will explain how I made a WiFi station that can give you access to far away WiFi networks from your home. Before continuing, you should have a clear idea on WiFi Networks, Working of a Wireless Router and WiFi Security. Click on this link if you would like…
A critical vulnerability that could completely compromise an apache struts web server was reported by a research team at LGTM (tracked as CVE-2017-9805 ( S2-052 )). Successful exploitation of this vulnerability could lead to RCE (Remote Code Execution), taking full control over the server and a failed attempt can lead to Denial of Service.
In the previous posts, I told you everything about BeEF, BeEF hook and showed how to create a malicious HTML game with BeEF hook script, port forwarding in router and how to setup NOIP Dynamic DNS Service in Kali Linux. Now let us combine everything and perform a real attack using BeEF outside the LAN…
In the last post I explained all the basic things about BeEF and in this post I will go to the next step. I will show you how to add a BeEF hook to a website.
In this post, I will explain BeEF, how to install it and test the installation by performing a small attack on my system.
A new vulnerability allows hackers to hack into Abbott’s pacemakers using RF waves and fully take control over the running device.