Ethical hacking and penetration testing

A rule-based attack is the flexible generation and filtering of password candidates. Despite all its capabilities, this attack is not omnipotent. Consider the following example. There is a word seesaw and ones need to replace the character “s” with the character “$”. For example, in John the Ripper you canRead More

Electronic mail (e-mail) is ubiquitous. Regular communication takes place through mail, spam is sent through mail, phishing attacks are carried out through mail, and scammers send letters. In addition to the information displayed (the text of the letter, the To and From fields), emails also contain headers with technical andRead More

How to add Swap file in Kali Linux If you do not have enough RAM, you can add a Swap file. If you do not have enough RAM with the existing swap file/partition, you can create a larger swap file and use only it create an additional swap file andRead More

Table of contents 1. New Wi-Fi security audit guide 2. Up-to-date Wi-Fi security audit tools 3. Command summary for Wi-Fi security audit 4. Stop processes that might interfere with handshake and PMKID capturing 5. Manage with wireless network interfaces 6. Handshakes and PMKID capture 6.1 Attack all APs 6.2 Attack a specific AP 7. Convert captured data to hashRead More

What's New in Wi-Fi Security Auditing The article “Hacking Wi-Fi without users” showed a new type of attack on Wi-Fi that does not require users to be deauthenticated or even present in order to capture the data needed to decrypt the wireless network password. This attack is described by atom,Read More

VeraCrypt is absent in the standard Tails repositories. But you can still install it manually. VeraCrypt has a portable version, so you can save it to the Persistent folder and it will be available to you after each Tails reboot. By the way, in Tails there is a program forRead More

VeraCrypt is the successor of the TrueCrypt program. It is designed to encrypt disks and provides very strong security. The program is completely free, the source code is open, the author of the program regularly releases updates that not only fix errors, but also bring new functions and improvements. InstallingRead More

Table of contents 1. SMB and network folders discovering. Shares and files enumeration 1.1 Samba utilities 1.2 SMB discovering via port scanning 1.3 enum4linux 1.4 nullinux 1.5 SMB Spider 1.6 acccheck 1.7 CredNinja 1.8 SMBMap 1.9 SPARTA 1.10 SMBCrunch 1.11 NetBIOS Share Scanner 1.12 NMBscan 1.13 Online scanners on SuIP.biz 2. Man-in-the-middle attack on SMB. Relays 2.1 Responder 2.2 Inveigh 2.3 Intercepter-NG 2.4Read More

Table of contents 1. What is NetBIOS? 2. NetBIOS Services 2.1 Name service (NetBIOS-NS) 2.2 Datagram distribution service (NetBIOS-DGM) 2.3 Session service (NetBIOS-SSN) 3. NetBIOS name vs Internet host name 3.1 NetBIOS name 3.2 Internet host name 4. How to detect NetBIOS 5. nbtstat 6. Wireshark filters for highlighting NetBIOS traffic 7. LMHOSTS file 8. NetBIOS exploitation 8.1 Invoke-Inveigh 8.2 Responder 8.3 NMBscan 8.4 NetBIOS Share Scanner 8.5 NBTscan 8.6 nbtscan-unixwizRead More

OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiasts. Mutillidae can be installed on Linux and Windows using LAMP, WAMP, and XAMMP. With dozens of vulns and hints to help the user; this is an easy-to-use web hacking environment designed for labs,Read More