What is DNS Spoofing? DNS spoofing is a part of computer hacking in which searched domain names are diverted to some other incorrect IP address due to which the traffic of the victim’s system is diverted to attacker’s system. Using DNS spoofing poison is injected into the address resolution protocol of the victim. Consider that […]
Fiqhy Bismadhika
Ad immortalitatis et aurea era
Monthly Archives: May 2019
May 14
WPScan Basics
What is WPScan? WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites.
May 14
Nikto Basics
What is Nikto? Nikto is a free software command-line vulnerability scanner that scans web servers for dangerous files/CGIs, outdated server software and other problems. It performs generic and server type specific checks. It also captures and prints any cookies received.
May 13
Nmap Basics
What is Nmap? Network Mapped (Nmap) is a network scanning and host detection tool that is very useful during several steps of penetration testing. Nmap is not limited to merely gathering information and enumeration, but it is also powerful utility that can be used as a vulnerability detector or a security scanner.
May 13
Maltego Basics
What is Maltego? Maltego is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet.
May 12
Website Cloning with SE Toolkit
What is Website Cloning and SE Toolkit? Website cloning is an action to create an exact copy of a website, which usually used to find vulnerabilities and develop exploits on the cloned website. In this case, website cloning is used to act as a fake website that will receive input from users such as login […]
May 12
Android Hacking with MSFvenom
What is Smartphone hacking and MSFvenom? Smart phone hacking is a practice whereby a third party gains access to an individual’s smartphone through a variety of methods, mostly using a dangerous application that provide remote access to the listener or hacker. MSFvenom is an instance of Metasploit framework and a combination of Msfpayload and Msfencode. msfvenom replaced both […]
May 11
CVE 2014-6271 Exploitation with Metasploit
What is Metasploit? Metasploit is a penetration testing framework that makes hacking simple. It’s an essential tool for many attackers and defenders. Point Metasploit at your target, pick an exploit, what payload to drop, and hit Enter. Metasploit Framework is a software platform for developing, testing, and executing exploits. It can be used to create security testing […]
May 11
Using Custom Certificate with Burp Proxy
What is Burp Proxy? Burp Proxy lies at the heart of Burp’s user-driven workflow. It operates as a web proxy server between your browser and target applications, and lets you intercept, inspect and modify the raw traffic passing in both directions. Burp Suite Proxy also gives you a direct view into how your target application works […]
May 10
Credential Sniffing with TCPDump
What is TCPDump? Tcpdump is a type of packet analyzer software utility that monitors and logs TCP/IP traffic passing between a network and the computer on which it is executed, or more technically a packet sniffer. Using tcpdump command we can capture the live TCP/IP packets and these packets can also be saved to a […]
