Ethical hacking and penetration testing

Do I need to obfuscate JavaScript JavaScript code works in web browsers of users and is available to them for analysis and other actions. If you asked yourself the question “Why should I obfuscate my JavaScript code?”, there are some reasons why it is recommended to protect the code, forRead More

The “JavaScript Attacks” article shows examples of bypassing JavaScript protection on a website. It is clear that there is a case study there, so it is pretty pointless. Let’s take a more real situation. In the article “How to see locked HTML code, how to bypass social content lockers andRead More

Let's consider what standard (default) credentials are in Kali Linux and how to change them. Kali Linux user password What is the password Kali Linux LIVE When booting a LIVE image, login credentials are not required. Running commands with sudo also does not require passwords. What is the default passwordRead More

Drivers for graphics card and CPU to brute-force password If you wonder how to crack passwords with GPU and CPU in Linux than continue reading. This article shows what drivers and programs to install so that hashcat and similar brute-force programs can use a GPU and CPU to crack passwords.Read More

How to bypass JavaScript-based protection JavaScript is one of the most popular languages used in websites. Due to this popularity, you can find a wide variety of JavaScript usage examples. Of these, the most meaningless are: JavaScript access control JavaScript protection of part or all of the content JavaScript dataRead More

Web browser Developer Tools (DevTools) are a powerful tool for debugging web sites. Using the Developer Tools it is possible to make any changes to the HTML markup, styles and JavaScript code on the fly, observing the changes in real time. The changes made disappear immediately after reloading the page.Read More

What is obfuscation? Obfuscation is source code modification as a result it becomes difficult to read and understand, but so that its functionality does not change. Obfuscation is used for source code in interpreted (rather than compiled) programming languages. That is, it is JavaScript, PHP, obfuscation can be used forRead More

Apparently, my email address got into some kind of phishing database and therefore the article “How NOT to do phishing attacks” will now have a sequel. I was again sent a phishing email and again in 5 minutes I found a bunch of phishing sites, downloaded phishing scripts (others) andRead More

Someone tried to steal my email password. And in 5 minutes I found out the attacker’s mail addresses, his server’s IP and all the domains belonging to him for phishing attacks, received the source code of his tools, the bot’s telegram API, and maybe even the attacker's IP and hisRead More

This article is about the sshprank tool, which is a fast network scanner looking for SSH servers. The program searches for computers running SSH and tries to log in using the specified credentials, that is, it performs automated brute-force attack. Also, the program is able to very quickly grab bannersRead More