MetaSploit tutorial for beginners
MetaSploit tutorial for beginners This (updated for 2021) MetaSploit tutorial for beginners is meant to be a starting guide on how to use MetaSploit if you have never used it…
nc netcat opening listening ports
nc netcat opening listening ports - Netcat scan examplesEstablish a connection to a remote port if open: [~]# nc -vn 192.168.2.101 22Ncat: Connected to 192.168.2.101:22.SSH-2.0-OpenSSH\_7.6 As you see, netcat was…
zmap on a local network
zmap is an opensource network scanner, most often used to scan whole external internet networks in this tutorial I'll show you how to run zmap on a local network. One…
Investigating uPNP with Python for fun and profit
Investigating uPNP with python for fun and profit. SSDP is an interesting uPNP protocol - devices advertise their capabilities on the network and leak valuable information. SSDP is very similar…
Linux on the desktop as a web developer
A breif look at the tools you need as a web developer in 2020, running Linux on the desktop as a web developer. OSX is my os of choice, but…
Kali linux nethunter on unrooted android – rootless nethunter!
I recently saw this tweet from kali linux https://twitter.com/kalilinux/status/1209615382224547840?s=19 on installing rootless nethunter on an unrooted android device. This is my attempt to do so. The tweet linked here: https://www.kali.org/docs/nethunter/nethunter-rootless/…
Kioptrix Walkthrough Guide
I have decided to start studying towards a CISSP and / or an OSCP, as part of that I saw an excellent blog post recommending to go through a lot…
Website crawler software kali linux
Spidering a web application using website crawler software in kali linux There are lots of tools to spider a web application (an companies which are based on this tech, eg…
Raspberry Pi hacking
This tutorial will show you how to make a Raspberry Pi hack tool by installing Kali on the Raspberry Pi - by the end of this guide you will have…
Metasploit for website pentest
Metasploit for website pentest using wmap. This is a short tutorial on using the wmap module inside metasploit. Wmap is a web application scanner that runs within metasploit. We can…
Installing metasploitable with vagrant
Metasploitable background: What is metasploitable? "Metasploitable is a Virtual Machine that is built from the ground up with a large amount of security vulnerabilities. It is intended to be used…
How to use metasploit to scan for vulnerabilities
Continuing on from my original metasploit beginners tutorial, here is a slightly more advanced Metasploit tutorial on how to use metasploit to scan for vulnerabilities. The outcome of this tutorial…
Burpsuite beginners tutorial – how to use burp suite
This is a burp suite beginners tutorial. Burpsuite is a collection of tools, written in Java used to perform various network security related tasks. Burpsuite can be used as a…
Vega scanner tutorial for beginners in kali linux
This is a simple Vega scanner tutorial for beginners on XSS scanning with vega scanner in kali linux. VEGA is an open-source web security scanner, written in java with a…
DVWA vagrant
This is a short post on how to setup a dvwa vagrant box for your testing. I recommend this method when installing and testing new tools (and even for developing…
How to remove unused kernels in linux
This is a short post on how to remove unused kernels in linux. I'm adding it here because I use it regularly and keep forgetting the commands - it might…
Blackarch pacman package groups for tools
Blackarch pacman package groups Install with pacman -S groupname to quickly install a bunch of tools in one command: This info is available in the blackarch developers guide here: https://blackarch.org/blackarch-guide-en.pdf…
Blackarch on the chuwi hi10pro – install and config
Blackarch on the chuwi hi10pro - prereq's a usb hub a usb flashdrive a usb mouse a usb wifi adaptor (at least for the initial setup) Download blackarch from https://blackarch.org/downloads.html…
Kali linux wpa_supplicant cli config
Kali linux wpa_supplicant cli config. To setup a wifi connection using wpa_supplicant on the cli in kali, first you have to bring up your network interface ifconfig wlan0 up Next,…
Chuwi hi10 pro kali linux wifi fixes
I wrote a previous post about kali on the hi10, and promised a followup on Chuwi hi10 pro kali linux wifi fixes; here it is. The on-board wifi works out…
Kali on the Chuwi Hi10 Pro – updated for Kali 2020
This post is now updated with install information for using 2020 versions of Kali on the Chuwi Hi10 Pro. When I first wrote this post I seriously wouldn't have recommended…
Automatic updates in kali
Automatic updates in kali (and other apt based distros). There are a ton of ways to do automatic updates in kali linux (though this will work on debian, ubuntu, proxmox…
How to install birdwatcher in kali linux
How to install birdwatcher in kali linux Birdwatcher is an OSINT data analysis and data gathering tool for twitter. Birdwatcher has been designed to feel like metasploit or recon-ng, so…
Wapiti tutorial
This post is a wapiti tutorial. You'll find various wapiti options, how to import wapiti scan results into metasploit and how you can disable wapiti modules to speed up your…
Kali linux keyboard freeze fix
This post contains the kali linux keyboard freeze fix. Kali 2.0 is out, and I've installed it on my work pc; one thing I noticed was that the usb keyboard…
Importing nessus6 scan results into metasploit
This is a quick post about importing nessus6 scan results into metasploit. This can be very useful for adding a ton of information into a new Metsploit database, or adding…
What is an sql injection attack
What is an sql injection attack? All websites process data entered by users. An input-validation attack is when unexpected user input is processed by a web server or database and…
Fixing the cmd and fn keys with an apple keyboard in linux
I use an apple keyboard at work, I also use ubuntu. There are two things that I need to do to fix the cmd and fn keys with an apple…
OpenVas tutorial for beginners using web and metasploit
This is a basic openvas tutorial for beginners. I will explain a little of how to use openvas web ui to perform a test of your systems. It will give…
Kali linux arachni tutorial
This tutorial is a basic Kali linux arachni tutorial: to get arachni up and running on your kali linux system and perform a basic scan. Arahni is a vulnerability scanner…
Nikto tutorial for kali linux
This is a basic nikto tutorial for kali linux. It will get you started with nikto. For advanced usage, see 'man nikto' or the cirt website Nikto is a web…
Plecost tutorial
This is a basic plecost tutorial. Plecost is a commandline utility that will scan your wordpress host and identify lots of information leaks that could potentially help crackers breaking in…
Pentesterlab – teach yourself how to learn penetration testing
pentesterlab.com is a very cool site. its built with bootstrap too ;) they have various exercises and assets for those exercises available. each exercise has a vmware image, so you…
Wpscan wordpress vulnerability scanner
Wpscan wordpress vulnerability scanner. WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach. WpScan checks the security of your wordpress installation by…
Backtrack linux bluetooth scanning tutorial
This is a short linux bluetooth scanning tutorial with some tools you can use in backtrack linux (now kali linux) or any distribution you prefer to perform bluetooth scans. Its…
Nessus tutorial – Vulnerability scanning with Nessus
This is a short nessus tutorial to help you get to grips with nessus. Nessus is a vulnerability scanner. Nessus can scan your assets for network security vulnerabilities. Nessus allows…
Install backtrack repo in ubuntu
This post will show you how to Install backtrack repo in ubuntu - I got an HP mini netbook a couple of days ago. I'm mostly going to use it…