Friday, July 20, 2018
Burpsuite CSRF attack

How to use non csrf token forms for DDOS

Web applications that do not use anti-CSRF tokens may be exposed to denial-of-service attacks. Yes, it is possible! With the help of the Intruder functionality in Burp Suite, it is possible to...

How to use weevely for post-exploitation

Weevely is a stealthy and tiny command-line web shell that simulates a terminal-like connection. It is designed for remote server administration and penetration testing. This shell is useful for web...
Veracrypt

Veracrypt for windows system drive encryption

VeraCrypt is software for establishing and maintaining an on-the-fly-encrypted volume (data storage device). No data stored on an encrypted volume can be read (decrypted) without using the correct password/key file(s)...
syskey

Syskey to secure Security Accounts Management (SAM) database

SysKey is a built-in Windows utility that can help you secure the Security Accounts Management or SAM database. It can optionally be configured to require the user to enter the key...
pelican

Static site generator every penetration tester should rely on

In this post, we're gonna discuss static site generators powered by Python, JavaScript, and Ruby on Rails. We can also call it a blog, and there are tons of static...
RIPS

RIPS static source code analyser for PHP web applications

RIPS is a static code analysis tool that automatically detects vulnerabilities in a PHP web application. By parsing all source files, RIPS is able to transform PHP source code into a...
Temporary-Administrator-lazybatman

How to Add a Temporary Administrator to Your WordPress Website

If you ever require the assistance of WordPress management services or the support of your theme/plugins developers, they may ask for administrator access to your WordPress website. What do you do then?...
hashing

Importance of Hashing in digital forensics

In an investigation, everything you have done must be able to be replicated by another person, and this is done via hashing. Hashing refers to the use of hash functions to verify that...
xss payload

How to XSS with file upload functionality

Sometimes file upload functionality is vulnerable to XSS attacks if there is a lack of sanitization. User-restricted areas with an uploaded image or profile picture are everywhere, providing more chances...
Atom

Text editor every penetration tester should rely on

Today I have come up with three text editors every developer or penetration tester should use. Vi or Vim: the first text editor we're gonna discuss here is Vim. As a Linux user, we...
