Penetration Testing SQL server
Penetration Testing SQL server SQL Server is a relational database management system from Microsoft, which is used as a central location to save and obtain data needed for applications. It...
Tagged: metasploit
Metasploit: Token Stealing and Incognito
Load mimikataz on meterpreter to dump clear text password. Token Stealing In metasploit framework there is an extension which is called incognito which allows us to perform activities such as...
Bypass Antivirus software using Metasploit & Shellter
Shellter Shellter is a dynamic shellcode injection tool, and the first truly dynamic PE infector ever created. It can be used in order to inject shellcode into native Windows applications...
msfvenom Payload List
Msfvenom is the combination of payload generation and encoding. It replaced msfpayload and msfencode on June 8th 2015. To start using msfvenom, first please take a look at the options...
nps_payload: generate payloads for basic intrusion detection avoidance
This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several different sources. Installation Setting up samba shares: 1.) apt-get install samba 2.) vi/nano/whatever...
MeterSSH: Bypassing IDS Firewall using Meterpreter over SSH
Tool Name: MeterSSH Written by: David Kennedy Company: TrustedSec Website: https://www.trustedsec.com Twitter: @TrustedSec, @HackingDave MeterSSH is a way to take shellcode, inject it into memory then tunnel whatever port you want to...
Exploit Windows machine using MITM attack
Man-in-the-middle attack Abbreviated as MITMA, a man-in-the-middle attack is an attack where a user gets between the sender and receiver of information and sniffs any information being sent. In some...
Bypass UAC Protection on Windows 7/8/10 x86&x64 machine
User Account Control, UAC is a feature introduced with Windows Vista to provide an extra security by preventing administrative rights to programs unless approved by the user. Below is a picture of the UAC confirmation dialog...
Automated Persistent Backdoor Metasploit
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its best-known sub-project is the open source Metasploit Framework, a tool for developing and executing exploit code against a remote target...
Ports scanning using Metasploit
On your penetration testing, finding ports and services is important. In the real world, I exploited some systems by identifying open ports and try to attack this port. This articles,...
CVE-2017-6334: Netgear DGN2200 dnslookup.cgi Command Injection
CVE-2017-6334 dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST...
Using Nessus and Metasploit Together
Introduction to Nessus Nessus is a vulnerability scanning and analysis software from tenable, a leading information security services company, known as “the world’s most popular vulnerability scanner, used by more...
Windows 10 Bypassuac fodhelper module
exploit/windows/local/bypassuac_fodhelper module This module will bypass Windows 10 UAC by hijacking a special key in the Registry under the current user hive, and inserting a custom command that will get...
Metasploit Command Lists
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its best-known sub-project is the open source[2]...
Top 9 Best Tool for Penetration Tester
We have filled the world of hackers with infinite fantasy and fear, but with the rise of technology and security in the field of progress, hacking technology has become increasingly...
