Pentest lab – Metasploitable 2

Today I will walk through different ways of exploiting Metasploitable 2, the newer release of Rapid7’s popular vulnerable machine. First, what is Metasploitable? Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques. In my lab environment, the IP […]

Metasploitable 2 vulnerability assessment

A vulnerability assessment is a crucial part in every penetration test and is the process of identifying and assessing vulnerabilities on a target system. In this part of the tutorial we will be assessing the vulnerabilities available on the network side of the Metasploitable 2 virtual machine. We will be assessing the web applications on the […]

A New Attack for Wi-Fi Has Been Released Called wifiphisher

A new Attack for Wi-Fi has been released called Wifiphisher. This attack is a play on old tricks using a Man-in-the-Middle and phishing attack. It works by selecting a target router then kicking their connection which forces them to connect to you instead of their router. When they do they are asked for their Wi-Fi […]

Hack Wi-Fi Using Wifite in Kali / Backtrack

In this article series, we will look at a tool named Wifite suitable for automated auditing of wireless networks. Most of you who have experience in wireless pentesting would use tools like airmon-ng, aireplay-ng, airodump-ng, aircrack-ng to crack wireless networks. This would involve a sequence of steps, like capturing a specific numbers of IV’s in […]

How to Crack WPA2 WiFi Password Using Reaver (99%)

WPS exists in most routers for easy setup process through the WPS pin, which is hard-coded into the wireless access point. Reaver takes the advantage of a vulnerability in WPS. Thanks to Craig Heffner for releasing an open-source version of this tool named Reaver that exploits the vulnerability. In simple terms, Reaver tries to bruteforce […]

Wifi Hacking with Evil Twin Attack using Linset

Note: For “Evil Twin Attack” , we are using Linset Tool in WiFiSlax operating system.  Wifislax is an open source Linux operating system based and inspired by the Slackware Linux distribution. It’s main goal is to support the latest Wi-Fi technologies. The system provides out-of-the-box support for a wide range of wireless and wired network […]

Metasploitable 3 – Máy ảo phục vụ Hacking Webserver

Metasploiable 3 là một máy ảo cài hệ điều hành Windows Server 2008 R2 Standard được Rapid7 làm sẵn chứa các lỗ hổng để phục vụ cho việc thử nghiệm thâm nhập Các bạn có thể đọc thêm thông tin từ trang của Rapid 7 (Tiếng Anh): tại đâyGitHub: https://github.com/rapid7/metasploitable3Phần 1: Import máy ảo vào Vitural BoxCác […]

Hack Web Server THEROCK v1 { Using the MsfGUI to Grab A Shell and Transfer a File }

Chuyên đề Hack TheRock qua MS 08_067, lỗi cũ nhưng thuộc hàng kinh điển nên cần phải nhuần nhuyễn. Đây là các bài tập bắt buộc dành cho học viên khóa học Hacker Mũ Trắng CEh v9 https://cehvietnam.com/2017/03/01/dao-tao-hacker-mu-trang-ceh-v9-2017-certified-ethical-hacker-version-9/  của CEH VIETNAM. Bài lab quan trọng nhất của loạt seri này là : Hardening THEROCK Fix […]