In this tutorial we are going to talk about some ways to maintaining access after penetration testing, it saves time and patches vulnerabilities. Ways of maintaining access: •Creating OS Backdoors (using cymothoa to do cymothoa -s)(using nc for in kali … Continue reading →

In this tutorial, we are going to introduce some password attacking techniques and tools. Password is one of the factors for authentication, authentication is based on something you know, something you have and who you are. Several attacking techniques offline … Continue reading →

In this tutorial, we are going to to a small introduction in exploitation techniques. Vulnerability Exploitation is very important to improve website security by finding the problems and their risk level from low to high. These are the sample of … Continue reading →

In this tutorial, we are going to do a small introduction about DVWA, Damn vulnerable web application coded in PHP/SQL, main goals are to be an aid for security professionals. To install DVWA first make a cd in Kali Linux … Continue reading →

In this tutorial, we are going to see the sample step by step of using a social engineering toolkit. 1. Open social engineering toolkit inside Kali Linux and type your sudo password.2. Afterwards, choose some options, the sequence of the … Continue reading →

In this tutorial, we are going to see some sample diagram of vulnerability mapping. This kind of mapping is very useful in order to see what kind of risk that we could hack. Afterwards to see what are the recommendation … Continue reading →

In this small tutorial, we are going to find out how to do enumeration scan on the target IPs. There are some tools that can be used such as follow:– Nbtscan To scan a range of IP address,> sudo nbtscan … Continue reading →

In this tutorial, we are going to find out IP addresses behind those websites that are associate with Cloudflare. Before that, Cloudflare is basically an SSL, reverse proxy which makes a website more secure by adding a layer for the … Continue reading →

This week, we learn about using Maltego, and now I am gonna give a small tutorial on how to use it. Maltego is a graphic application to detect any of domains, company or famous person in a form of a … Continue reading →

In this week, we learn about burp suite, but first, the user needs to change their proxy first before they can intercept using that burp suite. Firstly, users need to download the credential certificate file consists of SSL for changing … Continue reading →