web analytics

Responsible Disclosure Gone Wrong – Unpatched Zero-Days in the Wild for Microsoft Edge and Internet Explorer

Setting Up Your Hacker Environment

John The Ripper – Password Cracking

Nmap – The Ultimate Host Scanner

Avoiding Your Best Defenses With PowerShell

Currently Browsing: Hacking Tutorials

Hacking Age of Empires 2

One comment

In this tutorial, we will hack the famous Age of Empires 2 game with Cheat Engine. Cheat Engine is an open-source debugger designed specifically to support the modification of single-player games which is perfect for this style of reverse engineering. Our goals for this first tutorial will be to identify where our resources are stored […]

CONTINUE READING

Common Privilege Escalation Vectors For Windows and Linux

No comments

When you initially exploit a system you will usually have a limited shell, especially when conducting client-side exploits. The next step will be upgrading from this shell to a new one with root/system privileges. There are varied methods to accomplishing this escalation which differ highly depending on whether it is a Windows or Linux system. […]

CONTINUE READING

Creating Custom Malware with MSFvenom

No comments

When Offensive Security combined MSFpayload and MSFencode into one solidified MSvenom framework they enabled penetration testers to quickly create custom malware and shellcode. Try it yourself to see how easy it is to get a remote shell on a victim’s computer 1 – First you need to determine what format you want your malware to […]

CONTINUE READING

Akamai Report Details Over 30 Billion Credential Stuffing Attacks in 2018

No comments

Credential stuffing is far from a new technique yet people’s propensity to re-use credentials has escalated the number of organizations trying to gain initial access through this vector. The opportunity for credential stuffing occurs when a data breach of user names and passwords is stolen from an organization. The hacker takes the hashed passwords and […]

CONTINUE READING

Walkthrough of a Computer Network Attack

No comments

In this guide, I will put together an example attack against one of metasploitable’s vulnerable Linux virtual machines. If you plan on replicating this, you must ensure you do not expose the metasploitable VM to the outside network otherwise anyone may attack your machine. On VMware there is a “Host-only” setting for your network adapter […]

CONTINUE READING

Own A Server With A Remote File Inclusion

No comments

Remote File Inclusions (RFIs) is similar to a Local File Inclusion (LFI) and occur when a HTML GET request has an unsanitized variable input. Unlike a LFI, Remote File Inclusions allow you to reach across the internet and execute any file you desire. Combine this with hosting your own malicious php reverse shell, and you […]

CONTINUE READING

A Guide to Local File Inclusion (LFI) Attacks

No comments

Local File Inclusions occur when an HTTP-GET request has an unsanitized variable input which will allow you to traverse the directory and read files. This attack can often provide key information during a reconnaissance and can sometimes be used to gain remote code execution. A website will indicate it is getting variables with a ? […]

CONTINUE READING

Setting Up Your Hacker Environment

No comments

Before you can execute your first exploit you need to get set up with the right environment. For any beginners, Kali Linux is the best place to start. It is an open source Linux distribution that comes complete with the tools necessary to begin advanced penetration testing. To get running with your own Kali environment, […]

CONTINUE READING