Ethical hacking and penetration testing

Table of contents 1. The basics of generating dictionaries/wordlists 2. Rule Based Attack 3. Generation of dictionaries based on information about a person 4. Compiling word lists and lists of usernames based on the website 5. How to create a variable-length masked dictionary 6. How to crack a hash when nothing is known about the passwordRead More

Crunch VS Hashcat Crunch is a wordlist generator where you can specify a standard character set or a character set you specify. crunch can generate all possible combinations and permutations according to given criteria. The data that crunch outputs can be displayed on the screen, saved to a file, orRead More

How to generate and modify dictionaries according to the given rules To generate dictionaries, there are maskprocessor and Crunch programs that are very flexible in customization. They allow you to create any dictionaries that can be described with rather complex rules or a certain pattern, for example, dictionaries with: phoneRead More

The PHP interpreter has become an essential part of almost every web server. The vast majority of web applications are written in PHP. Therefore, many people associate PHP technology with the web environment, with the environment of the web server. But in reality, you can run PHP scripts without aRead More

Table of contents 1. Introducing and Installing John the Ripper 2. Utilities for extracting hashes 3. How to start cracking passwords in John the Ripper (how to specify masks, dictionaries, hashes, formats, modes) 4. Practical examples of John the Ripper usage 5. Rule-based attack 6. How to brute force non-standard hashes 6.1 How toRead More

Disadvantages of Rule-Based Attacks The method of filtering only suitable password candidates using Rule Based Attack, shown in the article “How to create dictionaries that comply with specific password strength policies”, is not always convenient. More precisely, it is convenient when working with existing dictionaries. If using this method toRead More

Usually, when we install a Linux distribution on a laptop, often Wi-Fi support is present in whole or in part for most models. The drivers are integrated into the Linux kernel and as a result, everything “just works” out of the box. But problems start if there is no driverRead More

Table of contents 1. What is MySQL for 2. MySQL client and server 3. Installing MySQL on Kali Linux 4. Kali Linux replaced MySQL with MariaDB 5. Setting up MySQL on Kali Linux 6. Starting and enabling MySQL autorun 7. Setting and changing the MySQL password. Reset forgotten MySQL/MariaDB password 8. How to connect toRead More

Table of contents 1. Network services in Kali Linux 2. Apache on Kali Linux 2.1 Configuring virtual hosts 2.2 Frequently used directives 2.3 Authentication requirement 2.4 Access contol 3. MySQL on Kali Linux 3.1 Solving the problem with error “#1698 - Access denied for user ‘root’@’localhost’” in Kali Linux 3.2 MySQL password in Kali Linux 3.3 How toRead More

A web server is a very useful thing for a penetration tester. Examples of using: phishing attacks substitution of the original site for DNS spoofing disclosure of the target's IP address using social engineering placement of scripts for collecting data for XSS vulnerabilities collecting data from compromised systems, placing filesRead More