Let us discuss about performing browser autopwn that how this module works. This auxiliary module used for performing client-side attacks. Now we need to explore how this module works. Following are steps of browser autopwn. Attacker/Penetration Tester executes the browser_autopwn auxiliary module. Web server is started (on the attacker’s system), which hosts …
Read More »Exploitation
Bypassing antivirus programs using SHELLTER
Shellter is another antivirus evasion tool like veil-evasion framework, which infects the PE dynamically, can be used to inject the shell code into any 32-bit native Windows application. This framework enable us to either customize the payload or utilize the Metasploit framework in a sophisticated way. Most antivirus programs will …
Read More »Penetration Testing using JexBoss (Practical Guide)
Today we are going to learn about penetration testing using JexBoss. This tool used for penetration testing and exploiting vulnerabilities/weaknesses in JBoss Application Server and other Java Application Servers (for example, WebLogic, GlassFish, Tomcat, Axis2, and so on). This tool is not available in Kali Linux you need to download …
Read More »Penetration Testing Network Routers using RouterSploit
In this article we’re going to discuss penetration testing network routers using RouterSploit in a beginner’s way. Basically RouterSploit is a router exploitation framework or we can say penetration testing framework for routers, designed especially for embedded devices. This framework can perform three main modules: exploiting module: contains list of …
Read More »Penetration Testing Embedded Devices
Let’s discuss about penetration testing embedded devices. First we need to know about embedded devices and their types then we’ll cover penetration testing embedded devices and I would recommend you to follow this practical guide for penetration testing into IPSec VPNs if you are interested. Basically an embedded device is used for …
Read More »How to create Evil Access Point? Kali NetHunter Guide
Today we are going to learn about how to create evil access point in Kali NetHunter. MANA toolkit is used to create evil access point launched by SensePost, which can be used to perform Wi-Fi, Access Point (AP), and MITM attacks. Whenever a victim connects to our access point, this …
Read More »Compromise SSH (Secure Shell) using Kali Linux
In this article we are going to discuss how to penetrate or compromise SSH (Secure Shell) using Kali Linux. Basically secure shell (SSH) protocol is a network protocol mainly used to establish an encrypted communication channel across an open network between a server and a client. Commonly, a public-private key …
Read More »Develop Windows Exploits (Complete Guide)
In this lengthy article we are going to discuss how to develop windows exploits. If you want to be a successful Ethical Hacker or Penetration tester you should have a fair understanding/knowledge of the assembly language to develop windows exploits (custom exploits). Let us cover some basics that are required …
Read More »Penetration Testing IPSec VPN (Virtual Private Network)
In this article we are going to discuss Penetration Testing IPSec VPN (Virtual Private Network). VPN provide secure (encrypted) communications between remote locations or users within the same network through internet. Basically there are two types of VPNs: IPSec VPN and SSL VPN. IPSec is widely used protocol to establish secure …
Read More »Compromise Remote Access Protocols
Let us discuss about how we can compromise remote access protocols. There was a time when applications that bypass system protocols to provide remote access were famous. Those applications are presently being replaced with online services like GoToMyPC or LogMeIn, they are still quite common. Examples of such programs include …
Read More »