I haven't posted in a while, but today I have something interesting to share. Recently, multiple service providers that I use have started blocking some websites using deep packet inspection firewalls. Earlier, these firewalls would only block traffic by examining hostname in GET requests (which is easy to bypass by just using the https version of the target website), but now they employ some more techniques. Specifically, they block based on the SNI field of the TLS client hello, and sometimes also block on the basis of DNS queries. I was looking for ways to bypass these using custom extens ..read more

IntroIf you've been following security news, you'd know that Mac OS High Sierra has a security bug. Most of the articles have done a fine job explaining all the fluff, so I'll get straight to the point. If you have no password for the root account (as is the case for most users, since they haven't explicitly set up a root account and password on their system), then Mac will accept a blank password for logging into root. A demo is better than a 1000 words, and I'll show you one real quick- DemoStep 1 : Go to a place requiring admin privilege authentication. For example, Users and Groups in S ..read more

Over the past week, around 200,000 systems are believed to have been hacked by wannacry ransomware. Let's start with some background first, and then move into the details- Trojans Before you know what Ransomeware is, it's important to know what trojans are. We can broadly classify malicious computer programs into 2 categories- Spread wildly and attack destructively Spread surgically and attack covertly The first category comprises the typical viruses that infect your computers, get inside your USB, copy themselves to every avenue they can. They slow down your computer, limit it's functiona ..read more

In the previous tutorial, we set up our web application pentesting lab. However, it's far from ready, and we need to make some changes to get it working as per our needs. Here's the link to the previous post if you didn't follow that- Set up your web app pentesting lab Contents Fixing the problems Changing credentials Adding recaptcha key Enabling disabled stuff Installing missing stuff Giving write privileges Fixing problems If you remember from previous post, we reached this point- There's some stuff in red color All the stuff in red needs fixing. If you are lucky, we have t ..read more

Without any preface, let me get straight to the point. In this tutorial, we will be installing Damn Vulnerable Web Application (DVWA) on a Ubuntu virtual machine. Our attacker machine would be Kali Linux, which is also installed as a virtual machine (or virtual box). The host can be any OS, and doesn't matter since we won't be using it at all. An alternate configuration is when your host is either Kali or Ubuntu, in which case you need only one VM, to install their the other OS. Alternatively, you could just use a single Kali machine both as attacker as well as victim (running the vulnera ..read more

In this tutorial we will guide you how to stay anonymous while hacking online using TOR and Proxychains. Hiding your ass while hacking is easy just require some configuration which we will gonna see in this tutorial. Just follow this as shown. First thing First!!!! TOR Tor is software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy. It gives you access to the dark web. Dark web is nothing but the encrypted network that exists between tor servers and their clients. For more detail : https ..read more

In this tutorial, we will tell you how to install kali Linux on raspberry pi 3. Raspberry pi is a single board small computer which is portable as well. Raspberry pi 3 is the third generation Raspberry Pi. It will cost you around $35-$40 (totally worth it). It will come with handy specs. INSTALLATION REQUIREMENTS :  Raspberry Pi :Raspberry Pi Model B RASP-PI-3 Motherboard SD CARD : Samsung Evo 16GB Class 10 micro SDHC Card (MB-MP16D/IN) Ethernet Cable : Patch Cord 1.5 Meter Network Ethernet Cable RJ45 and lan cable Data cable DOWNLOAD LINKS : Putty Kali Linux I ..read more

This guide may not exactly be relevant to this blog, but as an exercise in getting familiar with Linux, I'll post it anyways. Here are a few disclaimers- Don't follow this guide for compiling linux kernel, there are much better guides out there for that purpose (this is the one I followed). The guide exists to help you learn some new stuff which you didn't know before, and to improve your understanding of Linux a bit. My knowledge of Linux and operating systems, in general, is somewhat limited, and hence, some things might be wrong (or at least not perfectly correct). The main reason for wr ..read more

Below is a guest post by Shabbir, and I'd like to add some comments describing what to expect ahead. First, there are two methods, both are very simple. One works with rooted phones only, and the other works with/without root. Without root you can get connected to the wireless network, but won't find out it's password. These methods work only on vulnerable wifis, so success rate is low. Still, since it's a 5 minute process (simply install an app from play store), it might be worth the effort for most people. <actual post starts below> You know if you ask me, hacking a wifi network is e ..read more

Web application firewalls are usually placed in front of the web server to filter the malicious traffic coming towards server. If you are hired as a penetration tester for some company and they forgot to tell you that they are using web application firewall than you might get into a serious mess. The figure below depicts the working of a simple web application firewall: As you can see its like a wall between web traffic and web server, usually now a days web application firewalls are signature based. What is a signature based firewall? In a signature based firewall you define signatures ..read more