The intention of this article is to show how dangerous a cross-site request forgery (CSRF) vulnerability can be. It will be presented for the D-Link DIR-600 router (Hardware Version: Bx; Firmware Version: 2.16, which was the latest version at the moment of writing this article).
The CSRF vulnerability […]
Before understanding what XSS Shell is, let us recall a few basics of XSS (Cross Site Scripting).
XSS is one of the most common vulnerabilities that exist in many web applications today. XSS is a technique through which the attacker tries to compromise the web application by executing a malicious […]
In this series of articles, I am going to demonstrate how you can manually exploit the vulnerability of a web application, compared to using any automation tool, in order to find vulnerabilities in the application. Almost all companies worldwide focus on manual testing of web applications rather than running […]
Here’s a challenge: root this box. We found a vulnerable machine named Hackademic RTB1. The main challenge is to root the box with admin privileges and capture the flag.
First, we hosted the vulnerable image in VMware with bridged mode network settings. Our target is ready, but we don’t know […]
Passwords have been part of IT since long before the age of the desktop PC. However, now more than ever, systems administrators need to re-examine their password security policies to remain effective against modern programs and computers that can crack weak passwords in minutes.
Basic eight-character passwords can now be […]
This article introduces the OSI model of internet communication and describes ARP spoofing, which is used to attack hosts in a Local Area Network (LAN). Passive and active sniffing are described. Finally, the mitigation of ARP spoofing is briefly discussed.
2. The OSI model
This model describes the structure of internet […]
Nexpose is one of the leading vulnerability assessment tools. The Nexpose community edition is a free program and the other editions are paid ones. In this article, we will use the free Nexpose community edition, which has the ability to scan 32 hosts. The user interface is clean and […]
This post deals with the step-by-step security testing guidelines for Adobe CQ installation.
Adobe CQ is Adobe’s new Web Experience Management software portfolio which provides easy-to-use web apps for creating, managing and delivering online experiences to its users. It also supports integration with other Adobe products. CQ provides a unified […]
As we all know, wireless networks have spread to every part of the world, from personal homes to corporate business environments, schools/universities, cafes, etc. The major merit of wireless networking is that it eliminates the big and untidy cables, which take up space and spoil the look of […]
In the previous article, we learned how to perform a network vulnerability assessment by using the OpenVAS plug-in. In this continuation, we will see how to perform a web application vulnerability assessment by using the wmap plug-in.
WMAP is a feature-rich web vulnerability scanner that was originally created from a […]
Metasploit is extremely popular among penetration testers, and especially hackers, because it makes it very easy to develop and launch exploits for software vulnerabilities. This paper demonstrates how to configure and use Metasploit, which is a penetration testing platform for developing and launching exploits. This research paper primarily […]
Cross-site scripting (XSS) is a very popular term, not just among web application security guys, but also among developers, where popping an alert box with a message in it is a HUGE hit.
Among the locations where XSS is generally found in a web application, the most common is a […]
In the first part of SSL attacks, we have seen details about two attacks, namely BEAST (browser exploit against SSL/TLS attack) and SSL renegotiation attack. In this second part, we are going to deal with CRIME, TIME, and Lucky13 attacks. Let us proceed further and try to understand each […]
Android Application Penetration Testing: Setting up, Certificate Installation and GoatDroid Installation
To begin with mobile application penetration testing on the Android platform, we have multiple tools available that can be easily downloaded and installed to prepare the testing environment. These tools will help us to set up a virtual device serving as a smart phone using Android and the mobile application […]
Metasploit Framework, the Metasploit Project’s best-known creation, is a software platform for developing, testing, and executing exploits. It can be used to create security testing tools and exploit modules and also as a penetration testing system. It was originally created as a portable network tool in 2003 by HD […]
Clickjacking or the UI redress attack is a relatively new type of malicious attack that targets mainly web applications. It works by superimposing a webpage over another existing web page using an iframe, and the user interacts with the malicious superimposed page while presuming that he is interacting with […]
During penetration testing, sometimes you get stuck with a secure environment where all the servers and end-clients are fully patched, updated, firewalled, and have anti-virus software installed. Network firewall rules have been configured properly, and all internal clients are NATed to the Internet. A network-based IDS/IPS sensor is out […]
VulnVPN has been created by the author of http://www.rebootuser.com/ and I must say that it is a very good effort. The goal is to gain root access to a VPN server, and this article will take you through each step of the process.
Setting up VulnVPN and Backtrack
VulnVPN download link: […]
The Tor network is an anonymizing network that allows people to browse the web and access other services without being traced. As part of this network, there is the so-called “darknet,” servers accessible only through Tor, which host a variety of services from forums to e-mail.
It does this by […]
All systems and database administrators will agree that password complexity does not go very far when it comes to SQL servers. Whether this is done to keep troubleshooting simple for support staff or it is simply a matter of underestimating the risks, it doesn’t really matter. What matters is […]