Posted By:Royce Davis - Pentest Geek

standard

Attacking Palo Alto Networks PAN-OS ‘readSessionVarsFromFile()’

2018/05/11 - By 

A really cool CVE for attacking palo alto networks PAN-OS was published near the end of last year CVE-2017-15944.  Just last weak Philip Pettersson created a Metasploit Module to take full advantage of this bug and achieve remote code execution!
Read More


standard

GPG Errors While Updating Kali Linux

2018/04/26 - By 

I often run into the same GPG errors while updating Kali Linux’s apt-get repositories. The fix is simple enough but I seem to always end up Googling for longer than necessary so I wanted to place the working steps in a single place where I could have them when I undoubtably run into this issue again in the future.
Read More


standard

Installing Kali NetHunter on HTC Nexus 9

2018/04/05 - By 

Everything you need to begin installing Kali NetHunter can be purchased on Amazon. The only real requirement is of course a supported Android device however this guide also makes use of the keyboard folio which should be considered a necessity if you plan to do any real work on the tablet as well as an OTG cable for plugging in an external WiFi card.
Read More


standard

Recovering Passwords From Hibernated Windows Machines

2017/05/11 - By 
Recovering Passwords From Hibernated Windows Machines

A friend of mine recently asked if I could help them by recovering passwords from an old Windows laptop. Nothing nefarious here just a common scenario we’ve all been in before. They hadn’t used the system in quite some time and couldn’t recall the password to log in.
Read More


standard

How To Install Metasploit Framework Ubuntu 17.10

2016/09/30 - By 
How-to-install-metasploit-framework-ubuntu-14-04

The Metasploit Framework is an integral component to every penetration testers tool-kit. This guide will teach you how to install Metasploit Framework in Ubuntu 17.10. You will also install and configure RVM and Postgres.
Read More


standard

How to Install Nmap From Source

2016/09/28 - By 
How To Install Nmap

Nmap is a network mapping tool used during the Information Gathering phase of a network penetration testing engagement. It is completely free and open source. Click on the following link for more information about the Nmap Project. In this step-by-step tutorial you will learn how to install Nmap from source on an Ubuntu Linux machine.
Read More


standard

Credential Harvesting via MiTM – Burp Suite Tutorial

2016/06/09 - By 
Credential-Harvesting-Via-MiTM-Burp-Suite

In this step by step tutorial we will discuss some of the more advanced use cases for the Burp Suite.  Credential harvesting through Man In The Middle attack vectors can be your saving grace during an otherwise uneventful penetration test.  You can watch a video version of this tutorial Here. This guide is intended to be educational as well as entertaining.  The author does not condone or encourage illegal hacking activities.
Read More


standard

How To Use Burp Suite – Web Penetration Testing (Part 2)

2014/11/14 - By 
Burp Suite Tutorial Part 2

In our last Burp Suite Tutorial we introduced some of the useful features that Burp Suite has to offer when performing a Web Application Penetration Test. In part 2 of this series we will continue to explore how to use Burp Suite including: Validating Scanner Results, Exporting Scanner Reports, Parsing XML Results, Saving a Burp Session and Burp Extensions. Lets get right to it!
Read More


standard

Burp Suite Tutorial – Web Application Penetration Testing (Part 1)

2014/07/02 - By 

Burp Suite from Portswigger is one of my favorite tools to use when performing a Web Penetration Test. The following is a step-by-step Burp Suite Tutorial. I will demonstrate how to properly configure and utilize many of Burp Suite’s features. After reading this, you should be able to perform a thorough web penetration test. This will be the first in a two-part article series.
Read More


Share This

Recent Posts

Subscribe To Our Mailing List

Latest Course

Penetration Testing

Categories

Metasploit

Web Application Hacking


Copyright 2018

css.php