Thursday, October 22, 2020

Tutorials

All the articles under tutorials.

Tutorials

Home Tutorials
All the articles under tutorials.
Sqlmap

SQLMAP – Enumeration of Databases & Users from Vulnerable Web Forms

Sqlmap is a database assessment tool which pentesters & security researchers can use to enumerate databases of various types. Sqlmap...
ua-tester

Ua-tester – A tool for User Agent WAF, IDS/IPS, Redirection testing

UA-tester is a tool to check whether a website provides different pages for different user agents like for mobile, desktop...
WAFW00F

Reconnaissance, Identification & Fingerprinting of Web Application Firewall using WAFW00F

Web Application firewalls are typically firewalls working on the application layer which monitors & modifies HTTP requests. The key difference...
reaver

Reaver + PixieWPS – Tool to Bruteforce the WPS of a WiFi Router

Reaver is a tool to brute-force the WPS of a WIFi router. PixeWPS is a new tool to brute-force the...
Peepdf

PEEPDF : A One Stop Tool for PDF Document Forensic Analysis

Peepdf is a tool for forensic analysis of pdf documents. Most social engineering attacks use a malicious PDF document embedded...
Masscan

How to use Masscan to Enumerate Large Number of Hosts Quickly

Masscan has been around for some time now and already it's in use by pentesters all around. It's a reconnaissance tool which can...
mdk3

WiFi Stress Testing Using MDK3, Beacon Flooding & Deauthentication Attack.

MDK3 is a proof of concept tool. It is used for stress testing 802.11 networks(wifi). It consists of various methods...
Unicornscan

Unicornscan – Network Scanning Tool to Find the Open Ports

Unicornscan is an asynchronous network stimulus delivery/response recording tool. Meaning it sends out broken/unorganized/fragmented packets (without a regular pattern unlike...
thc-ssl-dos

THC-SSL-DOS – DoS Tool Against Secure Web-Servers and for Testing SSL-Renegotiation

THC is The Hacker's Choice. They are a group of hackers from Germany. Thc-SSL-dos is used for checking whether a...
netdiscover

Netdiscover – Live Host Identification

Netdiscover - simple ARP Scanner to scan for live hosts in a network Netdiscover is a simple ARP scanner which can...

Must Need

XSS Fuzzer

XSS Fuzzer : Tool Which Generates XSS Payloads Based On User-Defined...

XSS Fuzzer is a simple application written in plain HTML/JavaScript/CSS which generates XSS payloads based on user-defined vectors using multiple placeholders which are replaced...
BeRoot

BeRoot – Tool To Check Common Windows Mis-configurations

BeRoot is a post exploitation tool to check common Windows misconfigurations to find a way to escalate our privilege. It will be added to...
PRETty

PRETty : “PRinter Exploitation Toolkit” LAN Automation Tool

PRETty is useful when a large number of printers are present on a network. Instead of scanning, logging, and manually running PRET...
Reverse Shell

Reverse Shell Cheat Sheet 2019

If it’s not possible to add a new account / SSH key / .rhosts file and just log in, your next step...
SVScanner

SVScanner – Scanner Vulnerability And MaSsive Exploit

SVScanner is a tool for scanning and massive exploits. Our tools target several open source cms. Requirements PHP 7 (version and up) Install Modules PHP...
SShuttle: Where Transparent Proxy Meets VPN Meets SSH

SShuttle: Where Transparent Proxy Meets VPN Meets SSH

SShuttle is a transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin....
Decker

Decker : Declarative Penetration Testing Orchestration Framework

Decker is a penetration testing orchestration framework. It leverages HashiCorp Configuration Language 2 (the same config language as Terraform) to allow declarative...