WPScan is a vulnerability scanner for WordPress powered sites. It is a ‘black box’ scanner, that is, it operates without access to website source code. It can be used to discover security issues of remote WordPress sites. The vulnerability search process is as follows: For the specified site, it searchesRead More
How to install and use Ruby on Windows
Why install Ruby Ruby is a scripting language, that is, pre-compilation is not required to run programs. In this sense, Ruby is an analogue of PHP, Python, PERL and others. Ruby is a fairly popular language and many interesting programs are written on it; in scope of InfoSec, the well-knownRead More
How to use Hashcat to crack passwords containing non-Latin characters
If a password contains Russian, Chinese, Arabic characters or any other non-Latin (non-English) characters, then it can also be cracked in Hashcat, but it also requires an understanding how computers work with strings and encodings, especially when launching a mask attack. We will consider two cases when the password containsRead More
Internet archives: how to retrieve deleted information. How to restore sites from Internet archives
What is Wayback Machine and the Internet Archives In this article we will consider Web Archives of sites or Internet archives: how to recover removed from sites information, how to download non-existent anymore sites and other examples and use cases. The principle of operation of all Internet Archives is similar:Read More
Utilities for information gathering, OSINT and network analysis in Windows and Linux
Table of contents 1. How to install Habu on Windows 2. Program to find sites with the same IP in Windows 3. Windows program for searching by username 4. Traceroute in Windows 5. How to scan ports in Windows 6. How to scan a file by all antivirus programs in Windows 7. WHOIS in Windows 8. Quick wayRead More
How to install Python and PIP on Windows 10. How to set up Python as a web server module
Python is currently very popular and many tools for information gathering, scanning, penetration testing, and security assessments are written in Python. All these tools work seamlessly on Linux. But in fact, the vast majority of tools can work on Windows as well, most of them require just a simple PythonRead More
How to save all information from Facebook profiles
In this article, we will talk about the Ultimate Facebook Scraper (UFS) program. It saves photos, videos, messages, lists of friends, colleagues, etc., events and all other information from the Facebook user profile. You can specify a list of a large number of users and UFS will save their informationRead More
How to find and analyze information in RAM
When searching for information on a computer, you need to remember that it is located not only in data storage devices (solid state drives, hard drives, removable media, etc.), but also in RAM, in the processes. Information when located on the hard disk and in RAM is not the same:Read More
Tracerouting networks with complex topology. How to detect NAT
There are plenty programs to track the route packets, you can get to know with them in the detailed article on trace route methods and programs called ‘Trace route tools and methods’ (by the way, it is recommended that you start acquaintance with it). The current article will again touchRead More
How to open and exploit .DS_Store
What are DS_Store files and why are they needed .DS_Store are files in the Apple OS X operating system, they store user settings for a folder, such as the list of files, the location of the icons, the selected background image. The name is short for Desktop Services Store. TheseRead More