Exploitation

Phantom Evasion is a malware stub generator tool written in python both compatible with python 2.7 and 3.4 or higher( note that python 2.7 is required for pyinstaller). The aim of this tool is to make antivirus evasion an easy task for pentesters with the use of prewritten modules capable …

Let us discuss about performing browser autopwn that how this module works. This auxiliary module used for performing client-side attacks. Now we need to explore how this module works. Following are steps of browser autopwn. Attacker/Penetration Tester executes the browser_autopwn auxiliary module. Web server is started (on the attacker’s system), which hosts …

Shellter is another antivirus evasion tool like veil-evasion framework, which infects the PE dynamically, can be used to inject the shell code into any 32-bit native Windows application. This framework enable us to either customize the payload or utilize the Metasploit framework in a sophisticated way. Most antivirus programs will …

Today we are going to learn about penetration testing using JexBoss. This tool used for penetration testing and exploiting vulnerabilities/weaknesses in JBoss Application Server and other Java Application Servers (for example, WebLogic, GlassFish, Tomcat, Axis2, and so on). This tool is not available in Kali Linux you need to download …

In this article we’re going to discuss penetration testing network routers using RouterSploit in a beginner’s way. Basically RouterSploit is a router exploitation framework or we can say penetration testing framework for routers, designed especially for embedded devices. This framework can perform three main modules: exploiting module: contains list of …

Let’s discuss about penetration testing embedded devices. First we need to know about embedded devices and their types then we’ll cover penetration testing embedded devices and I would recommend you to follow this practical guide for penetration testing into IPSec VPNs if you are interested. Basically an embedded device is used for …

Today we are going to learn about how to create evil access point in Kali NetHunter. MANA toolkit is used to create evil access point launched by SensePost, which can be used to perform Wi-Fi, Access Point (AP), and MITM attacks. Whenever a victim connects to our access point, this …

In this article we are going to discuss how to penetrate or compromise SSH (Secure Shell) using Kali Linux. Basically secure shell (SSH) protocol is a network protocol mainly used to establish an encrypted communication channel across an open network between a server and a client. Commonly, a public-private key …

In this lengthy article we are going to discuss how to develop windows exploits. If you want to be a successful Ethical Hacker or Penetration tester you should have a fair understanding/knowledge of the assembly language to develop windows exploits (custom exploits). Let us cover some basics that are required …

In this article we are going to discuss Penetration Testing IPSec VPN (Virtual Private Network). VPN provide secure (encrypted) communications between remote locations or users within the same network through internet. Basically there are two types of VPNs: IPSec VPN and SSL VPN. IPSec is widely used protocol to establish secure …