Friday, July 20, 2018

How to Add Custom Login URL in WordPress

Did you know that anyone can easily find your WordPress login URL. Recently, one of our readers asked if it was possible to change the default WordPress login URL to a custom...
Veracrypt

Veracrypt for windows system drive encryption

VeraCrypt is a software for establishing and maintaining an on-the-fly-encrypted volume (data storage device). No data stored on an encrypted volume can be read (decrypted) without using the correct password/key file(s)...
RIPS

RIPS static source code analyser for PHP web applications

RIPS is a static code analysis tool to automatically detect vulnerabilities in a PHP web application. By parsing all source files RIPS is able to transform PHP source code into a...
twitter

Twitter other application clients for android

For a long time, twitter android client just wasn't very good compared to its iOS Client. So it is best to use third party twitter clients for best use. Even though...
xss payload

How to XSS with file upload functionality

Sometimes file upload functionality is vulnerable to XSS attack if there is a lack of sanitization. User restricted area with an uploaded image or profile picture is everywhere, providing more chances...
Zenmap GUI

How to use nmap for network mapping

Nmap (Network Mapper) is a free and open source utility for network discovery and security audit. It is useful for network inventory, managing services, and host. It uses RAW IP packets...

How to use weevely for post-exploitation

Weevely is a stealthy and tiny command line web shell that stimulate terminal like connection. It is designed for remote server administration and penetration testing. This shell is useful for web...
sqlmap

How to use sqlmap for automated database takeover

With SQLmap you can take over or dump full databases, can escalate privileges, bypass CSRF tokens, can detect XSS. It is very useful for parameter pollution or parameter fuzzing to bypass...
Burpsuite CSRF attack

How to use non csrf token forms for DDOS

Web applications not using Anti csrf tokens may lead to denial of service attack. Yes, it is possible! With the help of intruder functionality in burp suite, it is possible to...
pelican

Static site generator every penetration tester should rely on

In this post, we're gonna discuss static site generators powered by Python, JavaScript, and Ruby on Rails. we can also call it as a blog and there are tons of static...

APLICATIONS

How to Fix WordPress Issue “Sorry, this file type is not...

Sometimes in WordPress site you try to upload file and got the error message “Sorry, this file type is not permitted for security reasons.”...

HOT NEWS