Hack The Box or abbreviated as hackthebox, is an uncanny pentesting labs portal which allows everyone to collaborate, share and encourage people who are enthusiastic all about ethical hacking or pentesting. It offers an online platform to test and advance your skills in penetration testing and cyber security.
We can access this portal at https://www.hackthebox.eu/. Nevertheless, to get into this platform is not straightforward like others website which we can sign up easily. hackthebox made it a littlebit funny. Here we will explain Continue reading →
Nowadays, cyber attack has been increasing rapidly. All refferences had told us about the magnification. Thus, by protecting conventionally only is not enough, it needs more sophisticated actions for detecting the attack. One of the action is by implementing Network IDS/IPS within the infrastructure.
At this article, we will share one of the most usage network IDS/IPS. It is Snort. Snort is the most widely-used Network IDS/IPS that detects Continue reading →
Damn Vulnerability Web Application, also named as DVWA is a PHP/MySQL web application which is seriously vulnerable. It assists both the web developer and the professional pentester for testing the web application security through all variant methods of attack. Continue reading →
As we have known that Cisco is one of the biggest vendor of Network Devices besides its competitor such as HPE, Juniper and Huawei. At the beginning of March 2018, International Data Corporation (IDC) released an articel about The Top 5 Network Device Companies based on their revenue untill the end of 2017. The detail chart is showned by the figure Continue reading →
If we talk about Metasploit notably in Kali Linux, there is no enough time for discussing it. Eventhough it is a free version (not enterprise or Pro version), Metasploit Community version is fully enough for us to exploit a vulnerable system.
As described at their website, Rapid7 claimed that metasploit is the world’s most used penetration testing framework. Continue reading →
Along of 2017, We had known that the attacking of malware especially ransomware-wannacry was been the media headline news. Many people including both of private and governments should give all of their resources for taking over those incidents. According to the Mid-Year’s 2017 Cyber Attacks Report published by Check Point Software Technolgies Ltd, there are three main categories of malware attack Continue reading →
There is an interesting sample for practicing how to do a CTF (simple CTF). It is a VM which had been created by Pentesterlab Team. We can download the VM at the link. The VM is one of hundreds exercises develoved by Pentesterlab as part of the White Badge. The white badge is the easiest badge that covers a wide range of web vulnerabilities Continue reading →
Several months ago (and may be it’s still continuing), many windows hosts/computers had been infected and attacked by two major Ransomware. They are Wannacry and Petya/NonPetya. Refered to wired.co.uk, The Ransowmware spread was helped by a Microsoft Windows security vulnerability called EternalBlue. Continue reading →
As I was browsing about webshell exploit through google, I found an interesting challenge in Vulnhub. It was Hackademic RTB2 by mr.pr0n released at 6 September 2011. The Hackademic RTB2 was one of the series CTF named Hackademic by mr.pr0n at vulnhub. Actually, there was the first serie which was Hackademic RTB1. Nevertheless, I chose the second one firstly, hahahahaa. But I promise will give a post for the Hackademic RTB1 next week. Continue reading →
Several videos about hacking tutorials in youtube has own unique banner sticked at their terminal. Therefor, I was a curious a little-bit how make my terminal has a sticky banner too. After googling a bit time, I found a simple way for changing terminal’s banner at link https://null-byte.wonderhowto.com/how-to/change-your-terminal-header-0163720/.
Firstly, we need to install Figlet, It is an application for styling the terminal banner.