full screen background image

Hack the Covfefe VM (CTF Challenge)

Hello friends! Today we are going to take another CTF challenge known as covfefe. The credit for making this vm machine goes to “Tim...

MHA – Mail Header Analyzer

Mail header analyzer is a tool written in flask for parsing email headers and converting them to a human readable format and it also can:...

Faraday v2.7 – Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you have alwasy been looking for! It maps and leverages all the data you...

Exploiting Remote machine with Pastejacking

Pastejacking is a technique that takes over the clipboard of a machine, for instance, when we copy text from a website, that text can be...

TROMMEL: Sift Through Directories of Files to Identify Indicators That May Contain Vulnerabilities

TROMMEL sifts through directories of files to identify indicators that may contain vulnerabilities. Itidentifies the following indicators...

Hack the Born2Root VM (CTF Challenge)

Hello friends! Today we are going to take another CTF challenge known as Born2Root. The credit for making this vm machine goes to “Hadi...

DEFENDER: WordPress Plugin Evaluation

Introduction In this article, we will look at the DEFENDER WordPress plugin. This plugin is touted to provide layered security for...

Exploiting Windows Machine with DDE Exploit

DDE stands for “dynamic Data Exchange”, this is a method used by windows to facilitate one program being able to subscribe to an item...

How to child-proof the Internet

The Internet is filled with websites that are inappropriate for anyone, much less children. Kids get into trouble online all the time, even...

How to keep children safe on the internet

Much of the internet is a fabulous resource for kids, whether it’s Wikipedia for helping with homework, online games, social...

Keeping Your Child Safe on the Internet

As with the real world, the Internet has its seamy side  — and it’s all too easy for kids to stray into it. Click-click and a...

Habu – Python Network Hacking Toolkit

Habu: Network Hacking Toolkit I’m developing Habu to teach (and learn) some concepts about Python and Network Hacking. These are basic...

Cromos – Download and Inject code into Google Chrome extensions

Cromos is a tool for downloading legitimate extensions of the Chrome Web Store and inject codes in the background of the application and...

PoSh-R2 PowerShell: investigators and forensic analysts tool

PoSH-R2 is a set of Windows Management Instrumentation interface (WMI) scripts that investigators and forensic analysts can use to retrieve...

yarAnalyzer: Yara Rule Analyzer and Statistics

yarAnalyzer creates statistics on a yara rule set and files in a sample directory. Place some signatures with .yar extension in the...

Raptor WAF: Web application firewall

raptor waf Raptor is a Web application firewall made in C, uses DFA to block SQL injection, Cross site scripting and path traversal. Why...

Dex-Oracle – A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis

A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis. Also, the inspiration for another Android...

docker-onion-nmap – Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container

  Use nmap to scan hidden “onion” services on the Tor network. Minimal image based on alpine, using proxychains to wrap...

Paskto – Passive Web Scanner

  Paskto will passively scan the web using the Common Crawl internet index either by downloading the indexes on request or parsing...

Wifi Post Exploitation on Remote PC

After getting the meterpreter of victim pc background the current session and type in below given command. This will provide you list of...

Parrot Security 3.9 – Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind

  Security GNU/Linux distribution designed with cloud pentesting and IoT security in mind. It includes a full portable laboratory for...

Phishruffus – Intelligent Threat Hunter And Phishing Servers

Phishruffus is a tool designed to identify threats and malicious DNS servers on the Internet that are used for the illicit practice of bank...

Analysis of Malicious Documents- Part 5

In the last article, we reviewed how to analyze malicious PDF documents. In this last part of the article series, we will continue...

Proteus: 1 – CTF Walkthrough

Proteus is a relatively new machine that came on VulnHub. Created by Ivanvza, it surfaced on June 7th, 2017. It can be downloaded from...

Microsoft Office Dynamic Data Exchange(DDE) attacks

Microsoft Office programs are widely exploited by malware authors by embedding links, objects, and other payloads. Its effects often depend...

The Complete Guide to IT Security Salaries in 2017

With 96% of HR managers now using IT certifications as screening or hiring criteria during recruitment, getting certified is an essential...

APs_Beacon – With this script you can spam WiFi APs/Hotspots

With this script you can spam WiFi APs. How to run it? Download “APs_Beacon.sh” and “SSID_List.txt” or type “git clone...

BlackOrphan – Tool built with Bash/nodeJs mainly for gaining a remote shell access to a Linux Box

BlackOrphan is a tool built with Bash/nodeJs mainly for gaining a remote shell access to a Linux Box BlackOrphan is a tool built with...

Linux Soft Exploit Suggester – Search Exploitable Software On Linux

linux-soft-exploit-suggester finds exploits for all vulnerable software in a system helping with the privilege escalation. It focuses on...

10 Tips for CCNA Certification Exam Success

Getting ready to take the CCNA/CCENT/CCDA/CCNA Security certification exam? We asked InfoSec Institute professors and industry experts to...