Penetration Testing
A Detailed Guide on Feroxbuster
Disk Group Privilege Escalation
Best Alternative of Netcat Listener
64-bit Linux Assembly and Shellcoding
Easy way to Generate Reverse Shell
Python Serialization Vulnerabilities – Pickle
Containers Vulnerability Scanner: Trivy
A Detailed Guide on Responder (LLMNR Poisoning)
Linux Privilege Escalation: DirtyPipe (CVE 2022-0847)
Windows Privilege Escalation: PrintNightmare
Windows Privilege Escalation: SpoolFool
Linux Privilege Escalation: PwnKit (CVE 2021-4034)
Linux Privilege Escalation: Polkit (CVE 2021-3560)
Multiple Files to Capture NTLM Hashes: NTLM Theft
Windows Privilege Escalation: sAMAccountName Spoofing
A Detailed Guide on Log4J Penetration Testing
PowerShell for Pentester: Windows Reverse Shell
Msfvenom Cheatsheet: Windows Exploitation
Windows Privilege Escalation: Kernel Exploit
Windows Privilege Escalation: Scheduled Task/Job (T1573.005)
Windows Privilege Escalation: HiveNightmare
Windows Privilege Escalation: Logon Autostart Execution (Registry Run Keys)
Windows Privilege Escalation: Boot Logon Autostart Execution (Startup Folder)
Windows Privilege Escalation: Stored Credentials (Runas)
Windows Privilege Escalation: Weak Registry Permission
Windows Privilege Escalation: Unquoted Service Path
Windows Privilege Escalation: Insecure GUI Application
Windows Privilege Escalation: Weak Services Permission
Windows Privilege Escalation (AlwaysInstallElevated)
Windows Privilege Escalation: DnsAdmins to DomainAdmin
MSSQL for Pentester: Extracting Juicy Information
MSSQL for Pentester: Command Execution with Extended Stored Procedures
MSSQL for Pentester: Stored Procedures Persistence
MSSQL for Pentester: Abusing Linked Database
MSSQL for Pentester: Abusing Trustworthy
MSSQL for Pentester: Command Execution with External Scripts
MSSQL for Pentester: Impersonate
MSSQL for Pentester: Metasploit
MSSQL for Pentester: Command Execution with CLR Assembly
MSSQL for Pentester: Command Execution with Ole Automation
MSSQL for Pentester: Discovery
MSSQL for Pentester: Command Execution with xp_cmdshell
Penetration Testing Lab Setup:MS-SQL
Windows Privilege Escalation: SeImpersonatePrivilege
Metasploit for Pentester: Creds
Metasploit for Pentester: Windows Hidden Bind Shell
Metasploit for Pentester: Migrate
Metasploit for Pentester: Inject Payload into Executable
Metasploit for Pentester: Clipboard
Metasploit for Pentester: Database & Workspace
Metasploit for Pentester: Sessions
Wireless Penetration Testing: SSID Discovery
Wireless Penetration Testing: Wifipumpkin3
Wireless Penetration Testing: Wifite
Wireless Penetration Testing: Bettercap
Wireless Penetration Testing: Aircrack-ng
Wireless Penetration Testing: Fluxion
Wireless Penetration Testing: Airgeddon
Wireless Penetration Testing: Detect Hidden SSID
Wireless Penetration Testing: PMKID Attack
Wireless Penetration Testing: Password Cracking
Wireless Penetration Testing: Fern
Remote Desktop Penetration Testing (Port 3389)
Anonymous Logins for Pentesters
A Beginner’s Guide to Buffer Overflow
Wireshark for Pentester: Decrypting RDP Traffic
Windows Privilege Escalation: SeBackupPrivilege
Wireshark for Pentester: Password Sniffing
Wireshark For Pentester: A Beginner’s Guide
Metasploit for Pentester: Mimikatz
Encrypted Reverse Shell for Pentester
Comprehensive Guide to AutoRecon
Thick Client Penetration Testing on DVTA
Thick Client Penetration Testing: Traffic Analysis
File Transfer Cheatsheet: Windows and Linux
Linux Privilege Escalation: Automated Script
Window Privilege Escalation: Automated Script
Firefox for Pentester: Hacktool
Android Pentest: Automated Analysis using MobSF
Android Penetration Testing: APK Reversing (Part 2)
Comprehensive Guide on Dirsearch (Part 2)
Android Penetration Testing: Apk Reverse Engineering
Thick Client Penetration Testing: Information Gathering
Comprehensive Guide on Dirsearch
Android Pentest: Deep Link Exploitation
Android Penetration Testing: WebView Attacks
Thick Client Pentest Lab Setup: DVTA (Part 2)
Android Penetration Testing: Frida
Thick Client Pentest Lab Setup: DVTA
Android Penetration Testing: Drozer
Android Hooking and SSLPinning using Objection Framework
Nmap for Pentester: Host Discovery
Nmap for Pentester: Output Format Scan
Nmap for Pentester: Vulnerability Scan
Android Pentest Lab Setup & ADB Command Cheatsheet
Linux for Beginners: A Small Guide (Part 3)
Linux for Beginners: A Small Guide (Part 2)
Android Application Framework: Beginner’s Guide
Implementation of Firewall Policies :FortiGate (Part 2)
Implementation of Firewall Policies :FortiGate (Part 1)
Password Dumping Cheatsheet: Windows
Linux For Beginners: A Small Guide
Firewall Lab Setup : FortiGate
Comprehensive Guide on Honeypots
Firefox for Pentester: Privacy and Protection Configurations
Firefox for Pentester: Privacy and Protection Add-ons
VULS- An Agentless Vulnerability Scanner
Docker for Pentester: Abusing Docker API
Docker for Pentester: Image Vulnerability Assessment
Docker for Pentester: Pentesting Framework
Penetration Testing on CouchDB (5984)
Penetration Testing on PostgreSQL (5432)
Penetration Testing on VoIP Asterisk Server (Part 2)
Penetration Testing on VoIP Asterisk Server
Comprehensive Guide on CryptCat
Comprehensive Guide to tcpdump (Part 3)
Comprehensive Guide to tcpdump (Part 2)
Comprehensive Guide to tcpdump (Part 1)
Beginners Guide to TShark (Part 3)
Beginners Guide to TShark (Part 2)
Steal Windows Password using FakeLogonScreen
Beginners Guide to TShark (Part 1)
Multiple Ways to Persistence on Windows 10 with Metasploit
Forensics Investigation of Ping Command
Linux for Pentester: Perl Privilege Escalation
Multiple Methods to Bypass Restricted Shell
Docker Installation & Configuration
Linux For Pentester: socat Privilege Escalation
Linux for Pentester: scp Privilege Escalation
Linux For Pentester: tmux Privilege Escalation
Linux for Pentester: ed Privilege Escalation
Linux for Pentester: sed Privilege Escalation
Linux for Pentester: pip Privilege Escalation
Linux for Pentester: git Privilege Escalation
Linux for Pentester: cp Privilege Escalation
Linux for Pentester: Taskset Privilege Escalation
Linux for Pentester: Time Privilege Escalation
Linux for Pentester: xxd Privilege Escalation
Linux for Pentester : ZIP Privilege Escalation
Linux for Pentester: APT Privilege Escalation
Linux for Pentester: CAT Privilege Escalation
Linux for Pentester: Find Privilege Escalation
Linux for Pentester: Wget Privilege Escalation
Dradis: Reporting and Collaboration Tool
Comprehensive Guide to Steghide Tool
Comprehensive Guide on fcrackzip Tool
Comprehensive Guide on Snort (Part 1)
Comprehensive Guide on Ncrack – A Brute Forcing Tool
Comprehensive Guide on Dymerge
Comprehensive Guide on Pydictor – A wordlist Generating Tool
Comprehensive Guide on Cupp– A wordlist Generating Tool
Comprehensive Guide on Dirbuster Tool
Comprehensive Guide on Gobuster Tool
Comprehensive Guide on Dirb Tool
Comprehensive Guide on Medusa – A Brute Forcing Tool
Comprehensive Guide on Hydra – A Brute Forcing Tool
Comprehensive Guide on SSH Tunnelling
Comprehensive Guide on SearchSploit
Comprehensive Guide on Sniffing
ExifTool : A Meta-Data Extractor
Retina: A Network Scanning Tool
Evilginx2- Advanced Phishing Attack Framework
Threat Detection for your Network using Kfsensor Honeypot
Post Exploitation on Saved Password with LaZagne
Penetration Testing on Memcached Server
Exploiting Windows using Contact File HTML Injection/RCE
Exploiting Windows PC using Malicious Contact VCF file
Get Reverse-shell via Windows one-liner
SMB Penetration Testing (Port 445)
A Little Guide to SMB Enumeration
Defend against Brute Force Attack with Fail2ban
Xerosploit- A Man-In-The-Middle Attack Framework
Meterpreter File System Commands Cheatsheet
Multiple Ways to Secure SSH Port
Multiple Ways to Bypass UAC using Metasploit
Windows Kernel Exploit Privilege Escalation
Multiple ways to Connect Remote PC using SMB Port
Multiple Ways to Get root through Writable File
Penetration Testing on X11 Server
Beginners Guide for John the Ripper (Part 2)
Beginners Guide for John the Ripper (Part 1)
Working of Traceroute using Wireshark
Linux Privilege Escalation: Python Library Hijacking
Linux Privilege Escalation using Capabilities
Exploiting Wildcard for Privilege Escalation
Linux Privilege Escalation by Exploiting Cron jobs
Linux Privilege Escalation using LD_Preload
Linux Privilege Escalation Using PATH Variable
Linux Privilege Escalation using Misconfigured NFS
Linux Privilege Escalation using Sudo Rights
Linux Privilege Escalation using SUID Binaries
Editing /etc/passwd File for Privilege Escalation
Capture NTLM Hashes using PDF (Bad-Pdf)
SNMP Lab Setup and Penetration Testing
Generating Reverse Shell using Msfvenom (One Liner Payload)
Bypass SSH Restriction by Port Relay
Port Scanning using Metasploit with IPTables
Understanding Guide to Mimikatz
Manual Post Exploitation on Windows PC (Network Command)
Bind Payload using SFX archive with Trojanizer
Post Exploitation Using WMIC (System Command)
Bypass Firewall Restrictions with Metasploit (reverse_tcp_allports)
Manual Post Exploitation on Windows PC (System Command)
Understanding Nmap Packet Trace
Nmap Scan with Timing Parameters
Nmap Scans using Hex Value of Flags
Forensic Investigation of Nmap Scan using Wireshark
Nmap for Pentester: Timing Scan
Nmap for Pentester: Port Status
How to Detect NMAP Scan Using Snort
Understanding Guide to Nmap Firewall Scan (Part 2)
Understanding Guide to Nmap Firewall Scan (Part 1)
Understanding Nmap Scan with Wireshark
Nmap for Pentester: Password Cracking
Network Scanning using NMAP (Beginner Guide)
Post Exploitation in Windows using dir Command
How to Configure Suricata IDS in Ubuntu
Detect SQL Injection Attack using Snort IDS
Check Meltdown Vulnerability in CPU
Network Packet Forensic using Wireshark
TCP & UDP Packet Crafting with CatKARAT
DOS Attack with Packet Crafting using Colasoft
Packet Crafting with Colasoft Packet Builder
DOS Attack Penetration Testing (Part 2)
DOS Attack Penetration Testing (Part 1)
Understating Guide of Windows Security Policies and Event Viewer
Post Exploitation for Remote Windows Password
Security Onion Configuration in VMware
IDS, IPS Penetration Testing Lab Setup with Snort (Manaually)
Android Mobile Exploitation with Evil-Droid
Msfvenom Tutorials for Beginners
Exploiting Remote Machine with Pastejacking
Exploiting Windows Machine with DDE Exploit
Wifi Post Exploitation on Remote PC
Beginner Guide to Classic Cryptography
WiFi Exploitation with WifiPhisher
4 Ways to Capture NTLM Hashes in Network
Penetration Testing Lab Setup:Cloud Computing
Penetration Testing Lab Setup: Memcached
Penetration Testing Lab Setup: Microsocks
Penetration Testing Lab Setup: Squid Proxy
Post Exploitation in VMware Files with Meterpreter
Lab Setup for VOIP Penetration Testing
Understanding Guide to ICMP Protocol with Wireshark
Telnet Pivoting through Meterpreter
SSH Pivoting using Meterpreter
VNC Pivoting through Meterpreter
FTP Penetration Testing on Windows (Port 21)
FTP Penetration Testing in Ubuntu (Port 21)
SSH Penetration Testing (Port 22)
Penetration Testing on Telnet (Port 23)
SMTP Pentest Lab Setup in Ubuntu (Port 25)
NetBIOS and SMB Penetration Testing on Windows (Port 135-139,445)
Penetration Testing on MYSQL (Port 3306)
Remote Desktop Penetration Testing (Port 3389)
MySQL Penetration Testing with Nmap
How to secure Ubuntu Server using Google Authenticator
Understanding Log Analysis of Web Server
3 ways to scan Eternal Blue Vulnerability in Remote PC
Beginner Guide to Meterpreter (Part 1)
Bypass UAC Protection of Remote Windows 10 PC (Via FodHelper Registry Key)
Bypass Admin access through guest Account in windows 10
Hack Legal Notice Caption of Remote PC
Exploit Windows PC using EternalBlue SMB Remote Windows Kernel Pool Corruption
Create SSL Certified Meterpreter Payload using MPM
Embedded Backdoor with Image using FakeImageExploiter
Exploit Windows 10 PC with Microsoft RTF File (CVE-2017-0199)
Exploit Windows 7 PC using Torrent File
Dump Cleartext Password in Linux PC using MimiPenguin
Stealing Windows Credentials of Remote PC with MS Office Document
Bypass Windows Login Password using Android Phone with DriveDroid
How to Delete Firewall Log in Remote PC using Metasploit
How to Enable and Monitor Firewall Log in Windows PC
Run OS Command against Multiple Session in Metasploit
Hiding Shell with Prepend Migrate using Msfvenom
Capture VNC Session of Remote PC using Msfvenom
Penetration Testing in Metasploitable 3 with SMB and Tomcat
Exploitation of Metasploitable 3 using Glassfish Service
Manual Penetration Testing in Metasploitable 3
Hack Metasploitable 3 using Mysql Service Exploitation
Perform DOS Attack on Metasploitable 3
Hack Metasploitable 3 using SMB Service Exploitation
Metasploitable 3 Exploitation using Brute forcing SSH
Hack Metasploitable 3 using Elasticsearch Exploit
FTP Service Exploitation in Metasploitable 3
Get Meterpreter Session of Locked PC Remotely (Remote Desktop Enabled)
Hack Locked PC in Network using Metasploit
Hack ALL Linux Kernel using Dirtycow Exploit (Privilege Escalation)
Hack Remote Windows PC using Office OLE Multiple DLL Hijack Vulnerabilities
How to Detect Meterpreter in Your PC
Penetration Testing in Active Directory using Metasploit (Part 2)
Hack Remote Windows PC using DLL Files (SMB Delivery Exploit)
Hack Remote Windows 10 PC using TheFatRat
Firewall Pentest Lab Setup with pfsense in VMware
Penetration Testing in Windows Server Active Directory using Metasploit (Part 1)
Capture VNC Session of Remote Windows PC by Payloads Injection
Hack Remote PC using Malicious MS Office Documents
Hack Remote Windows PC using Regsvr32.exe (.sct) Application Whitelisting Bypass Server
Wifi Penetration Testing using Gerix Wifi Cracker
Hack Remote PC using Microsoft Office Files (Macro Payloads)
Hack Locked Workstation Password in Clear Text
How to Detect Sniffer on Your Network
How to Create Botnet for D-Dos Attack with UFONet
Hack your Network through Android Phone using cSploit
Setup Firewall Pentest Lab using Clear OS
Hack Call Logs, SMS, Camera of Remote Android Phone using Metasploit
How to Setup VyOS (Virtual Router Pentest Lab)
2 Ways to Hack Windows 10 Password Easy Way
Dumping Clear-Text Passwords from Browsers using NetRipper
Privilege Escalation on Windows 7,8,10, Server 2008, Server 2012 using Potato
Hack Windows 7 Password from Guest Account using 2015-1701 Exploit (Easy Way)
How to Create unlimited Folder in Remote Victim PC using Metasploit
How to Access Unauthorized on Remote PC using Metasploit
Hack Remote PC using HTA Attack in SET Toolkit
Hack Windows Password in Clear Text using Mimikatz and Windows Credentials Editor
Session Hijacking using Ettercap, Hamster and Ferret (A Beginner Guide)
Hack Remote PC using WinRAR SFX Remote Code Execution Vulnerability
Hack Remote Windows PC using The Backdoor factory with Metasploit
Hack Remote PC using Fake Updates Scam with Ettercap and Metasploit
How to Hack Windows Wallpaper of Remote PC
How to Hack Saved sessions in Putty using Metasploit
Windows 7 Sticky Key Hack Attack using Metasploit
Magic Unicorn – PowerShell Downgrade Attack and Exploitation tool
Sir, didn’t get this folder/file (/root/.msf4/local/msf.pls).
I’m using Kali Linux 1.0.7.
Can you please tell me where I get this file in Kali Linux?
Thank you.
By default .msf4 is hidden in the root directory; press Ctrl+H.
BackTrack 5 is no longer available. Can I install an alternative? It would be good for hacking. Kindly reply…
Use Kali Linux.
Take a look at this post-exploitation auxiliary module to cover footprints left after a successful exploitation 😉
https://sourceforge.net/p/msf-auxiliarys/discussion/general/thread/642cc0f1/?limit=25
Oh…. Damn…
This Site is a treasure….
Sir, I want to work as a cyber security expert, so what do I need to do? Can you suggest or guide?
Superb articles
Can you write about OpenSSL and how to use it?
You are the best, bro. Respect from Turkey.
Can you make one blog on Bloodhound?
sure
Can trouble you to build a directory, put all kinds of tutorials together, thank you, read your tutorial feeling quite a lot!
Is there any YouTube channel of yours?
If yes then please provide me the link of it.
Sir,
will you please make an online book on these articles?
These are very good blogs, but they are not organised well. I hope you can understand what I am saying.
This will be a great initiative.
Thank you
whiteSniper
Amazing hacking articles website
pls windows hacking without username and passwords find the public ip using shodan
Is it compulsory to install Kali? Can’t I use it on Ubuntu for hacking?
Yes, you can. But you need to install all the tools manually yourself. Kali has it all installed already.
How should a beginner get started? Could you recommend a blog?
Packet Sniffing https
Sir, how to download this website offline?
Great insight. You are awesome.
Hello. This article was really motivating, especially because I
was searching for thoughts on this matter last Thursday.
Thanks for sharing your skills with us. I searched a lot to find a source to learn hacking and finally your blogs fulfilled it.
Do you have any option for online classes???
Hello sir, according to most posts made here, looks to be working with Linux OS. Could this mean that Linux is the best in ethical hacking? If so, which version of Linux is best as far as hacking is concerned?
It’s personal… but most pentesting OSes out there are Linux. You can use Kali, Parrot, BackBox… you can look up their website for the latest release.
Hi, thanks for posting interesting content, but it would be better if less metasploit is used in the tutorials, thanks.
Hello raj..!!! How could I do a pentest to a cloud infrastructure (aws)?
Impressive content. This is absolutely a gold mine for the oscp enthusiasts.
Informative Website. Awesome platform for beginners and experienced Pentesters to sharpen their skills.
please categorise it under tags
Hello Raj, I’m a silent reader here on your website and I have to say thank you to you because I now have a cybersecurity job.
A lot of thanks to you for these blogs. It’s very helpful for beginners. It would be more efficient if you create modules and then serially organise this content.
@Raj, Hi Glad to see these articles. I must say these are very informative.
Just one thing, wanted to add…
If you can create a sidebar with an index and arrange the articles in such a way that it becomes easy for a beginner, who can start with basic topics and, moving ahead, go on to more advanced writeups.
By doing so I think this blog will be more user friendly and helpful for learners. I can support you on this task voluntarily.