877.791.9571 |

About the Author:

Rohit Shaw is a Certified Ethical Hacker works as a Information Security Consultant. He has experience in pentesting, social engineering, password cracking and malware obfuscation. He is also involved with various organizations to help them in strengthening the security of their applications and infrastructure.
SQLtrunc05132014

SQL Truncation Attack

The SQL Truncation vulnerability is a very interesting flaw in the database. The successful exploitation of this issue leads to user account compromise, as it means an attacker can […]

dexter04152014

Murdering Dexter

In this article we are going to solve a Bot challenge. The name of the bot is Dexter and the vulnerable VM which we are going to use is […]

Xerxes03112014

Xerxes Challenge

In this article we are going to solve another challenge of Xerxes. Xerxes is historically known as a god king, but here Xerxes is a vulnerable machine and our […]

DrunkAdmin02282014

Drunk Admin Web Hacking Challenge

This challenge includes a web application generally designed for image hosting. The application has a few vulnerabilities. The challenge is to exploit the application’s vulnerability and find the hidden […]

RecycleBin02122014

Recycle Bin Forensics

An icon on the Windows desktop represents a directory in which deleted files are temporarily stored. This enables you to retrieve files that you may have accidentally deleted. From […]

skype02102014

Skype Forensics

Skype is an application that enables voice and video calls, instant messaging, file transfers, and screen sharing between users. Millions of people download and use Skype everyday for voice […]

Hack-I-Bank-Pro02032014

Hack I-Bank Pro

In this article we are going to see some major vulnerabilities typical of a remote banking application. We found an interesting vulnerable machine created by PHDays team. We hosted […]

r00t-01132014

R00t This Box

Here’s a challenge, root this box. We found a vulnerable machine named Hackademic RTB1. The main challlenge is to root the box with admin privileges and capture the flag.

First, […]

nexpose12272013

Vulnerability Assessment with Nexpose

Nexpose is one of the leading vulnerability assessment tools. The Nexpose community edition is a free program and the other editions are paid ones. In this article, we will […]

metasploit-01

Vulnerability Scanning with Metasploit: Part II

In the previous article, we learned how to perform a network vulnerability assessment by using the OpenVAS plug-in. In this continuation, we will see how to perform a web […]

metasploit-01

Vulnerability Scanning With Metasploit Part I

Metasploit Framework, the Metasploit Project’s best-known creation, is a software platform for developing, testing, and executing exploits. It can be used to create security testing tools and exploit modules […]

FBI-TOR-Exploit-11262013

The FBI TOR Exploit

,

The Tor network is an anonymizing network that allows people to browse the web and access other services without being traced. As part of this network, there is the […]

W7Exploit11222013

Windows 7 Exploitation

,

Microsoft Windows 7 is much more secure than Microsoft Windows XP. The Windows XP operating system has lots of OS vulnerabilities and the malware infection rate is also very […]

malicious-pdf-11202013

Analyzing Malicious PDFs

,

PDF files have become very common in everyday work. It’s hard to imagine business proposals without PDFs. The PDF format is used in almost all companies to share business […]

SimCard11192013

SIM Card Forensics: An Introduction

The SIM (subscriber identity module) is a fundamental component of cellular phones. It also known as an integrated circuit card (ICC), which is a microcontroller-based access module. It is […]

FileCarving10042013

File Carving

File carving is a process used in computer forensics to extract data from a disk drive or other storage device without the assistance of the file system that originality […]

Social09232013

Social Engineering: A Hacking Story

In this article I am going to discuss social engineering attacks, starting with the questions: “What is social engineering?” and “What are the types of these attacks?” Apart from […]

mailvelope09132013

Email encryption: Mailvelope

Between constant password breaches and the NSA looking in on everything you do, you’ve probably got privacy on the mind lately. If you’re looking for a little personal privacy […]

OpenSourceIntelligence09112013

OSINT (Open-Source Intelligence)

With an estimated 80% of required information available for use in an open source for specific information vital for a deep analysis in newspapers, magazines, industry newsletters, television transcripts, […]

phishing09102013

Phishing with Data URI

Phishing

Phishing is a method of e-mail fraud that is used to gather personal and financial information from the recipients. According to Wikipedia, phishing is the act of attempting to […]