Down in the weeds with sqlmap
Here I plan to take a look at sqlmap and the capabilities that it provides in order to identify weakness in security so that this weakness can be addressed before a breach occurs. The tool sqlmap, like...
View ArticleCreate a penetration testing lab and let the hacking begin
If you are interested in sharpening your skills or simply interested in getting started with penetration testing this this article will be of interest. The hard cold truth is that under no...
View ArticleFingerprinting a web server with httprecon
Web applications unfortunately are vulnerable and for this reason they are often the gateway for attacks. An attacker is going to perform reconnaissance to understand where a weakness may reside. Of...
View ArticleMetagoofil makes metadata extraction easy
Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf, doc, xls, ppt, docx, pptx, xlsx) belonging to a given target or victim website. The tool will...
View ArticleCracking MD5 using Hashcat
If you are not familiar with Hashcat then you are in luck. Before I get started, Wikipedia states Hashcat is the self-proclaimed world’s fastest CPU-based password recovery tool. It is available free...
View ArticleFind and correct WordPress vulnerabilities using WPScan
If you run a WordPress based website then you should sit up, pull out your notepad, and carefully consider the idea of running WPScan on your site in order to if you have any security vulnerabilities...
View ArticleCreate a custom wordlist using SmeegeScrape for use in forensics or pentesting
If you working either in forensics or penetration testing you will absolutely come across the need to create a custom word list. You may be thinking to yourself a custom word list is not needed because...
View ArticleUsing the web application attack and audit framework known as w3af to test...
w3af is a Web Application Attack and Audit Framework is an amazing tool that is written in Python and has the capability to find more than 200 defined vulnerabilities. Not only does it look for the...
View Article