Penetration Testing | Hacking Articles
853 FOLLOWERS
Hacking Articles is a very interesting blog about information security, penetration testing and vulnerability assessment managed by Raj Chandel.Follow this blog to find articles on Penetration Testing.
Penetration Testing | Hacking Articles
1w ago
In the realm of cybersecurity, network scanning tools play a vital role in reconnaissance and vulnerability assessment. Among the array of options available, Rustscan has emerged as a formidable contender, offering speed, efficiency, and versatility that distinguish it from traditional tools like Nmap.
Table of Contents
What sets Rustscan apart?
Advantages of Rustscan over Nmap
Usage (Docker)
Installation and Usage (Standalone)
Rustscan flags
Conclusion
What sets Rustscan apart?
Rustscan is an open-source network scanner developed in the Rust programming language. Its lightweight design, opt ..read more
Penetration Testing | Hacking Articles
2w ago
Pentesters rely on a variety of tools to establish connections and maintain access during security assessments. One critical component of their toolkit is the listener—a program that listens for incoming connections and facilitates communication with compromised systems.
In this blog post, we’ll delve into different listener options, exploring features and use cases for popular tools such as Netcat, Rlwrap, Rustcat, Pwncat and Windows ConPty shell.
Table of Content
Reverse Shell Generator
Netcat for Beginners
Rlwrap for OSCP
Rustcat for OSCP
Pwncat for Read Teamers
Windows ConPty for OS ..read more
Penetration Testing | Hacking Articles
3w ago
Introduction
Shellcodes are machine instructions that are used as a payload in the exploitation of a vulnerability. An exploit is a small code that targets a vulnerability. Shellcodes are written in assembly. We generally refer to sites like shell-storm.org to get shellcodes and attach them to our exploits. But how can we make our shellcodes?
This series of articles focuses on creating our shellcodes. In Part 1, we’d be understanding basic assembly instructions, writing our very first assembly code, and turning that into a shell code.
Table of Content
Understanding CPU Registers
First Assembl ..read more
Penetration Testing | Hacking Articles
2M ago
This comprehensive guide delves into the intricacies of Lateral Movement utilizing Ligolo-Ng, a tool developed by Nicolas Chatelain. The Ligolo-Ng tool facilitates the establishment of tunnels through reverse TCP/TLS connections using a tun interface, avoiding the necessity of SOCKS. This guide covers various aspects, from the tool’s unique features to practical applications such as single and double pivoting within a network.
Download Ligolo-Ng:
Ligolo-Ng can be downloaded from the official repository: Ligolo-Ng Releases.
Table of Contents:
Introduction to Ligolo-Ng
Ligolo V/S Chisel
Lab Set ..read more
Penetration Testing | Hacking Articles
3M ago
In this article, we will learn how to get a reverse in a few easy steps. Usually, the problem when reverse shell commands is to remember its long and complicating syntax. But due to growing AI of our digital world, this problem tackled and dealt with. Let’s see how it is done through this article.
Table of Content
What is Reverse Shell?
Types of Reverse Shell
Working of Reverse Shell
Reverse Shell Generator – 1
Reverse Shell Generator – 2
Hack tool
Shellz
Mitigation
What is Reverse Shell?
A reverse shell is a technique used in computer security and hacking that allows an attacker to gain con ..read more
Penetration Testing | Hacking Articles
6M ago
In this article, we will learn how to customise the Firefox browser for efficient pen-testing along with extensions you can use for the same purpose.
Table of Contents:
Introduction
Understanding the Role of the Browser in Penetration Testing
Extensions for efficient pen-testing
Wappalyzer
Foxyproxy
Hacktool
Hackbar
Tamper data
User-agent Switcher
Cookie editor
Temp mail
Built with
Conclusion
Mindmap
Introduction
In the ever-evolving landscape of cybersecurity, penetration testing stands as a crucial pillar of defence against the relentless onslaught of cyber threats. Penetration testers, of ..read more
Penetration Testing | Hacking Articles
7M ago
Introduction
Serialization gathers data from objects, converts them to a string of bytes, and writes to disk. The data can be deserialized and the original objects can be recreated. Many programming languages offer a way to do this including PHP, Java, Ruby and Python (common backend coding languages in web).
Let’s talk about serialization in Python. In Python, when we can use the pickle module, the serialization is called “pickling.”
Table of content
Serialization in Python
Serialization in Web Applications
Over Pickling
Python YAML vs Python Pickle
Mitigation
Demonstration
Conclusion ..read more
Penetration Testing | Hacking Articles
1y ago
This article talks about Trivy, which is a simple and comprehensive vulnerability scanner for containers and other artifacts, suitable for Continuous Integration and Testing.
Table of Contents
Introduction
Installation
Scanning Git Repository
Scanning Container Image
Scanning Filesystem
Scanning the running Containers
Embed Trivy in Dockerfile
Introduction
Trivy is an open-source tool by aqua security to scan for vulnerabilities and misconfiguration errors. This tool works at various levels: it can evaluate Infrastructure as Code, inspect container images, deliver configuration file assistan ..read more
Penetration Testing | Hacking Articles
2y ago
Hello! Pentesters, this article is about a brute-forcing tool Hydra. Hydra is one of the favourite tools of security researchers and consultants. Being an excellent tool to perform brute force attacks, it provides various other options which can make your attack more intense and easier to gain unauthorised access to the system remotely. In this article, I have discussed each option available in hydra to make brute force attacks in various scenarios.
Table of Contents
Introduction to Hydra
To guess password for a specific username
Brute forcing Username and Password
Verbose and Debug Mode
NULL ..read more
Penetration Testing | Hacking Articles
2y ago
Hi Pentesters! Let’s learn about a different tool Medusa, which is intended to be a speedy, parallel and modular, login brute forcer. The goal of the tool is to support as many services which allow remote authentication as possible. We can consider the following items to be some of the key features of the application.
Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently.
Flexible user input. Target information (host/user/password) can be specified in a variety of ways. For example, each item can be either a single entry or ..read more