MetaSploit tutorial for beginners This MetaSploit tutorial for beginners is to be a starting guide for how to use MetaSploit. It assumes that you already have MetaSploit installed, or that you are running Kali / backtrack Linux. The basic concept of how to use MetaSploit is as follows:– Run msfconsole Read more…
I have decided to start studying towards a CISSP and / or an OSCP, as part of that I saw an excellent blog post recommending to go through a lot of CTF challenges from vulnhub.com. These are my Kioptrix walkthrough guides / findings and observations for each of the first Read more…
Spidering a web application using website crawler software in kali linux There are lots of tools to spider a web application (an companies which are based on this tech, eg google) short list of tools to help you spider a site (eg for creating a sitemap for SEO, or recon Read more…
This tutorial will show you how to make a Raspberry Pi hack tool by installing Kali on the Raspberry Pi – by the end of this guide you will have a Kali Raspberry Pi hacking tool with lots of tools ready for use! Install Kali on the Raspberry Pi Following Read more…
Metasploit for website pentest using wmap. Wmap is a web application scanner that runs within metasploit. We can use wmap to get an outline of the application we are probing. Start dvwa inside vagrant In this tutorial I’ll be using dvwa in vagrant as my target If you dont have Read more…
Metasploitable background: What is metasploitable? “Metasploitable is a Virtual Machine that is built from the ground up with a large amount of security vulnerabilities. It is intended to be used as a target for testing exploits with metasploit.” Why do we need metasploitable? One of the problems you encounter when Read more…
Continuing on from my original metasploit beginners tutorial, here is a slightly more advanced Metasploit tutorial on how to use metasploit to scan for vulnerabilities. The outcome of this tutorial will be to gather information on a host and its running services and their versions and vulnerabilities, rather than to Read more…
This is a burpsuite beginners tutorial. Burpsuite is a collection of tools, written in Java used to perform various network security related tasks. Burpsuite can be used as a basic http proxy to intercept traffic for analysis and playback, a web application security scanner, a tool to perform automated attacks Read more…
This is a simple Vega scanner tutorial for beginners on XSS scanning with vega scanner in kali linux. VEGA is an open-source web security scanner, written in java with a GUI. you can scan for XSS issues and can also scan for SQL injection vulnerabilities. In this short introduction tutorial Read more…
This is a short post on how to setup a dvwa vagrant box for your testing. I recommend this method when installing and testing new tools (and even for developing tools of your own) – there are known vulnerabilities in this system, so you can use the scientific method while Read more…
This is a short post on how to remove unused kernels in linux. I’m adding it here because I use it regularly and keep forgetting the commands – it might help you too! Removing kernels manually firstly, check your running kernel version uname -a next, show all the installed kernels: Read more…
Blackarch pacman package groups Install with pacman -S groupname to quickly install a bunch of tools in one command: This info is available in the blackarch developers guide here: https://blackarch.org/blackarch-guide-en.pdf – this post is a copy-paste of that info – there are a lot of red-team things in the list, Read more…
Blackarch on the chuwi hi10pro – prereq’s a usb hub a usb flashdrive a usb mouse a usb wifi adaptor (at least for the initial setup) Download blackarch from https://blackarch.org/downloads.html write to a usb drive (I used Etcher to do this part) Plug into chuwi and boot – Press F7 Read more…
Kali linux wpa_supplicant cli config. To setup a wifi connection using wpa_supplicant on the cli in kali, first you have to bring up your network interface ifconfig wlan0 up Next, we create a config file wpa_passphrase ‘router_ssid’ ‘wifi_password’ > /etc/wpa_supplicant.conf We need to edit the config file and remove some Read more…
I wrote a previous post about kali on the hi10, and promised a followup on Chuwi hi10 pro kali linux wifi fixes; here it is. The on-board wifi works out of the box in kali 2018.01 :D Kali chuwi hi10 pro wifi fix if you have just installed kali on Read more…
This is a short tutorial on dual booting windows and Kali on the Chuwi Hi10 Pro. Updated for Kali 2018.4 When I first wrote this post I seriously wouldn’t have recommended Kali on the Chuwi Hi10 Pro as an every-day system – Starting with 2018.01 and the 4.14 kernel it Read more…
Automatic updates in kali (and other apt based distros). There are a ton of ways to do automatic updates in kali linux (though this will work on debian, ubuntu, proxmox and any other apt-based system): 1) unattended-upgrades 2) a cron script 3) cron-apt This post will go through the various Read more…
How to install birdwatcher in kali linux Birdwatcher is an OSINT data analysis and data gathering tool for twitter. Birdwatcher has been designed to feel like metasploit or recon-ng, so should be familiar for anyone who has used those tools. Install birdwatcher in kali linux: Kali has ruby 2.2.x. by Read more…
This post is a wapiti tutorial. You’ll find various wapiti options, how to import wapiti scan results into metasploit and how you can disable wapiti modules to speed up your scans. A basic one-liner command to get you started would be: More about the command line arguments: These basics will Read more…
This post contains the kali linux keyboard freeze fix. Kali 2.0 is out, and I’ve installed it on my work pc; one thing I noticed was that the usb keyboard kept becoming un-responsive. It was very annoying. Symptoms Keyboard stops responding randomly for a few seconds, making typing very difficult. Read more…
This is a quick post about importing nessus6 scan results into metasploit. This can be very useful for adding a ton of information into a new Metsploit database, or adding to information you already have (eg importing results from a weekly or monthly scan of a website / web server) Read more…
What is an sql injection attack? All websites process data entered by users. An input-validation attack is when unexpected user input is processed by a web server or database and an error occurs. What is an sql injection attack? “An SQL Injection Attack (SQLIA) occurs when an attacker attempts to Read more…
I use an apple keyboard at work, I also use ubuntu. There are two things that I need to do to fix the cmd and fn keys with an apple keyboard in linux. 1) modify a file to make the F1-F12 keys work properly (eg, pressing the fn key makes Read more…
Linux / OSx commandline network host discovery This post contains Various ways to find the hosts in your network using commanline commands. For the following, it is assumed that: 192.168.1.0/24 is your whole network 192.168.1.255 is your broadcast address Replace with your own values (you can find these with ifconfig) Read more…
This is a basic openvas tutorial for beginners. I will explain a little of how to use openvas web ui to perform a test of your systems. It will give you the basic options for using metasploit msfconsole to run an openvas vulnerability scan. You will also learn how to Read more…
This tutorial is a basic Kali linux arachni tutorial: to get arachni up and running on your kali linux system and perform a basic scan. Arahni is a vulnerability scanner for web-apps, it is installed as part of kali-linux, their site is here Arachni via the command line Open a Read more…
This is a basic nikto tutorial for kali linux. It will get you started with nikto. For advanced usage, see ‘man nikto’ or http://cirt.net/nikto2-docs/ Nikto is a web application scanner – it will scan a web service and look for known vulnerabilities. It can be very useful to perform a Read more…
This is a basic plecost tutorial. Plecost is a commandline utility that will scan your wordpress host and identify lots of information leaks that could potentially help crackers breaking in to your site. There is some information at iniqua labs, but its a little difficult to get to grips with. Read more…
pentesterlab.com is a very cool site. its built with bootstrap too ;) they have various exercises and assets for those exercises available. each exercise has a vmware image, so you can download a copy of kali linux and load pentesterlabs vmware excercise and learn all sorts of cool things :) Read more…
Wpscan wordpress vulnerability scanner. WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach. WpScan checks the security of your wordpress installation by enumerating installed themes and plugins and checking against vulnerability databases for known issues. Details Username enumeration (from author querystring and Read more…
This is a short linux bluetooth scanning tutorial with some tools you can use in backtrack linux (now kali linux) or any distribution you prefer to perform bluetooth scans. Its not comprehensive, but will show you the tools that you need to get started searching for nearby devices. linux bluetooth Read more…
This is a short nessus tutorial to help you get to grips with nessus. Nessus is a vulnerability scanner. Nessus can scan your assets for network security vulnerabilities. Nessus allows you to be proactive in securing your base so that all your base belongs to you :D Nessus tutorial quick Read more…
This post will show you how to Install backtrack repo in ubuntu – I got an HP mini netbook a couple of days ago. I’m mostly going to use it to check sites at home in IE; but it will also have another use: hacking =) I need to check Read more…