Persistence via Creating a Windows Service
In this scenario, we assume that we have a reverse shell to the victim’s machine and want persistence on the machine. For this, we will use Windows services. First, we start with creating a malicious…
Embed Payload in PDF File
In this article, I want to show you how to embed a payload in a PDF with the EvilPDF tool. By the end of the article, you will be able to embed a payload in a PDF, and get a…
Solutions for TryHackMe Password Attacks Task 5: Offline Attacks
This is the solution for TryHackMe Password Attacks Task 5: Offline Attacks. The only tool used in Task 5 is hashcat, which is a password recovery tool. The tool has both Linux, OS X…
A New Multi-OS RAT?
A threat actor calling herself ‘0xFF’ advertised a new RAT on HackForums. According to the threat actor, this new RAT tool supports Windows (amd64, i386, arm, arm64), Linux (amd64, i386, arm, arm64), Darwin…
Importing Module in Powershell
Modules typically work in PowerShell directly. The “Get-Module” command can be used to see imported modules. The “Get-Module -ListAvailable” command shows the available modules. For the additional modules we want to use, we should import them…
Subdomain Enumeration
Subdomain enumeration is an information gathering technique. It can be used to identify all of a company's sites that are exposed to the internet. In large organizations, it is very common to have some forgotten websites…
New Tools of Kali
Kali Linux 2021.2 has been released with some new tools called Kaboxer and Kali-Tweaks and some cosmetic changes. Kaboxer provides Docker containers to run applications that no longer work on newer OSs or need isolation. Kali-Tweaks…
Ingress Tool Transfer (MITRE ATT&CK T1105)
Attackers may need to download some tools to perform different actions on the victim machine. Mostly, these are tools that help scan networks to move laterally, or make the attacker persistent on the victim…
How to Install Metasploit on Ubuntu
If you are familiar with infosec, you must already know what Metasploit is. So, I will not explain it here again. Metasploit is a preinstalled tool in Kali but if you use Ubuntu like me,…
C&C with Empire – A Mitre Att&ck T1071 and T1086 Demo
“.. a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz,…
Credential Dumping – Attack and Defense Techniques (MITRE ATT&CK T1003)
As MITRE says on its website, adversaries dump credentials to obtain login credentials to perform lateral movement once they have access to a computer. Several tools and techniques may be used to dump…
Dark Web; Anonymity and Privacy
When talking about the Dark Web, one of the concepts most often confused with it is the Deep Web. But first, I want to touch on the Surface Web. The Surface Web is the indexable part of the internet. This…
Creating Wordlist for Brute Force Attack
Brute force is an old attack technique but it can still be gold. For a brute force attack, we need a wordlist/password list, including possible passwords, that will be tried by the tool we use. Then,…
TOR As A SOCKS Proxy
Almost all applications and websites are trying to learn who we are and what we are looking for on the internet. This information is used for many different reasons like advertisements and to…