When testing a web application with multiple roles, a common
Continue readingFile Transfer and cmd.exe with MSPaint
Let’s pretend you are on a locked down environment, and
Continue readingNmap Probing, Service Detection, and NSE Overview
Since Nmap is probably the most widely used port scanner
Continue readingCookie Theft with Cross-site Scripting (XSS)
Simple proof on concept stealing cookies on a page vulnerable to
Continue readingCIS AWS Benchmark Script
Recently (2-29-2016) the Center for Internet Security (CIS) came out
Continue readingMan-in-the-Middle SMB Hash Capture with Ettercap and Metasploit
Today, I’ll show you how to leverage that MitM position
Continue readingARP Cache Poisoning Man-in-the-Middle with Ettercap
Man-in-the-Middle attacks are good to have in your bag of
Continue readingThe sethc backdoor…
I first head about this backdoor a long time ago and
Continue reading