Netdiscover – Live Host Identification
Netdiscover - simple ARP Scanner to scan for live hosts in a network Netdiscover is a simple ARP scanner that can be used to scan for live hosts in a network. It can scan for multiple subnets also. It simply produces the output in a live display(ncurse). This can be used in the first phases of a pentest where you...
Burpsuite – Use Burp Intruder to Bruteforce Forms
Using Burp Intruder to Bruteforce passwords. Burpsuite is a collection of tools and plugins for any web application security testing bundled into a single executable jar file. It contains about 8 useful tools for performing spidering, fuzzing, decoding etc. But the prime feature is that, it is an intercepting proxy which works on application layer. So even HTTPS connections passing...
Getting Started with Wireshark: Network Traffic Analysis
Wireshark is a powerful and widely-used network protocol analyzer that allows users to capture and interactively browse the traffic running on a computer network. This guide will walk you through the basics of how Wireshark works, how to analyze network traffic, its features, and technical specifications. How Wireshark Works Wireshark captures data packets traveling over a network. It operates at the...
Update Nmap in Kali Linux
Install & Update Nmap in Kali Linux Rolling, Sana & earlier versions This tutorial will show you how to update nmap in kali linux 2.0. Nmap 7.0 was released earlier this month. Refer to here to view What's New in Nmap 7. Kali Rolling comes with nmap v7 by default. Still you can use the steps below to update nmap or...
Introduction to OpenVAS: Open-Source Vulnerability Scanning
In the rapidly evolving world of cybersecurity, maintaining a robust defense against vulnerabilities is crucial for any organization. OpenVAS (Open Vulnerability Assessment System) is an open-source solution that provides comprehensive vulnerability scanning capabilities. This guide will delve into how OpenVAS works, its technical specifications, and how companies can effectively use it to scan for vulnerabilities. What is OpenVAS? OpenVAS is a...
NMAP 7.0 Released
NMAP 7.0 What's New ? Nmap has always been the king of scanners for a Security professional. After 18 years from it's first release, the 7th version has been released. This is the current major & stable release containing about 330 significant improvements. Over all this period, the developers have managed to improve the speed of scans, add more functionalities, include...
SQLMAP – Introduction & Automation of SQLi
Basic Operation of SQLMAP & enumeration of Server through automatic SQL Injection. SQLMAP is a database pentesting tool used to automate SQL Injection. Practically using sqlmap, we can dump a whole database from a vulnerable server. SQLMap is written in python and has got dynamic testing features. It can conduct tests for various database backends very efficiently. Sqlmap offers a highly...
World Wide Live Attack Map & Analytics
Ever wanted to see live DOS attacks across the globe? There is a website from a security firm that shows live attacks from all over the globe including the protocol information, IP addresses and country. All this information is put together in a wonderful hacker-like map. Live attacks & traffic are shown once you start the live view. The website...
macof
MAC Flooding with MACOF & some major countermeasures Macof is a member of the Dsniff suit toolset and mainly used to flood the switch on a local network with MAC addresses. The reason for this is that the switch regulates the flow of data between its ports. It actively monitors (cache) the MAC address on each port, which helps it...
Stagefright – All you need to know
Find out whether your device is vulnerable & Defend against Stagefright Vulnerability Stagefright is one of the latest large scale vulnerabilities that swept up to a billion android devices all over the world. Basically speaking, stagefright vulnerability is the flaw which allows an attacker to control your android device by sending you an MMS message. It can be through your carrier services...
