Source: www.hackerfans.ml
Wednesday, August 2, 2017
Tuesday, August 1, 2017
CTF of infosecinstitute
hello guys rainy day little bit boring lets catch some flag .. lets start
here is link http://ctf.infosecinstitute.com/levelone.php
1#> level one is so easy just view source code and top line ##<!-- infosec_flagis_welcome -->
2# > the image is looks like broken but its not, Check source code
here is link http://ctf.infosecinstitute.com/levelone.php
1#> level one is so easy just view source code and top line ##<!-- infosec_flagis_welcome -->
2# > the image is looks like broken but its not, Check source code
Saturday, May 13, 2017
Best books, tutorials and courses to learn about exploit development
The best resources for learning exploit development
Exploit development is considered to be the climax in the learning
path of an ethical hacker or security professional. It is strongly
advisable to have mastered the basics before delving into this topic.
Exploit development is hard and it’s not something you learn at school
or university (usually), not something any of your geek friends will
talk about all day long. Only those who are brave to study hard can
achieve the joy of controlling the EIP, popping a shell and taking
control of a machine while the oblivious user yells at Microsoft for the
nth crash of his beloved program.
What are the prerequisites for learning about exploit development?
Well, if you want to comprehend and hopefully start developing your own exploits you should have at least a basic knowledge of x86/64 bit system architecture (Windows, Linux or Mac according to your target), low level programming, possibly assembly, C/C++ or Python is fine as well for many
Monday, May 1, 2017
Saturday, April 22, 2017
Exploiting Eternalblue for shell with Empire & Msfconsole
In this tutorial we will be exploiting a SMB vulnerability using
the Eternalblue exploit which is one of the exploits that was recently
leaked by a group called the Shadow Brokers. Eternalblue exploits a
remote code execution vulnerability in SMBv1 and NBT over TCP ports 445
and 139. At the time of writing it targets a wide range of Windows
operating systems, from Windows XP up to Windows Server 2012. The
currently available exploits do not target Windows 10 and Windows Server
2016 but most likely will in the near future when they are being
modified.
Quick Start Getting Started with Empire
Initial Setup
Run the ./setup/install.sh script. This will install the few dependencies and run the ./setup/setup_database.py script. The setup_database.py file contains various setting that you can manually modify, and then initializes the ./data/empire.db backend database. No additional configuration should be needed- hopefully everything works out of the box.Running ./empire will start Empire, and ./empire –debug will generate a
Sunday, March 19, 2017
Thursday, February 23, 2017
11-Year Old Linux Kernel Local Privilege Escalation Flaw Discovered
Another privilege-escalation vulnerability has been discovered in Linux kernel that dates back to 2005 and affects major distro of the Linux operating system, including Redhat, Debian, OpenSUSE, and Ubuntu.
Metasploitable3
Metasploitable3 is a free virtual machine that allows you to simulate attacks largely using Metasploit. It has been used by people in the security industry for a variety of reasons: such as training for network exploitation, exploit development, software testing, technical job interviews,
Hakin9 Open – How To Become a Hacker
Dear readers,
Due to popular demand we decided to prepare a special issue dedicated to those of you that seek an answer to the ultimate question: “How to become a hacker?”. book from here
Stalkscan scary scanner
Stalkscan is a free online service that enables you to look up any Facebook user's public information using Facebook's own APIs.
Subscribe to:
Posts (Atom)