Category: Reconnaissance

  • digital world.local: Vengeance Walkthrough – OSCP Way

    digital world.local: Vengeance Walkthrough – OSCP Way

    Vengeance is one of the digital world.local series which makes vulnerable boxes closer to OSCP labs. This box has a lot of services and there could be multiple ways to exploit this, Below is what I have tried. Lab requirement: 1. Kali VM 2. Download Vengeance: https://www.vulnhub.com/entry/digitalworldlocal-vengeance,704 3. Some patience. I have written article already…

  • Ways to search files in Kali – which, locate and find

    Ways to search files in Kali – which, locate and find

    Kali is the one of the best operating system for Pentesting and hacking. After BackTrack, this is the only operating system I have used, since I think 2015.It has a lots of tools and features that will help you from information gathering to maintaining the access. This article is about Three tools that kali provides…

  • SQL INJECTION PART 4:Getting admin password

    SQL INJECTION PART 4:Getting admin password

    SQL injection is one of the most dangerous attack on websites. Many manually created dynamic website do not have input filtration and thus leveraging themselves to this attack. This article will guide you on how to perform SQL Injection to get the admin password in a modsecurity environment in which the union and select command…

  • BOB Walkthrough: Vulnhub CTF Challenge

    This article is a walkthrough on how I solved Bob CTF challenge. You can download Bob CTF via this link: https://www.vulnhub.com/entry/bob-101,226/. It is a Beginner to intermediate challenge and at the end we have to gain the root access and get the flag. So let’s do this: To find the vulnerable machines through your attacking machine: http://www.anonhack.in/2018/06/part-2-finding-the-ip-address-of-your-victim-in-your-vmware-hacking-lab-network/…

  • JIS-CTF- Jordan Infosec Capture The Flag Challenge – Walkthrough

    JIS-CTF- Jordan Infosec Capture The Flag Challenge – Walkthrough

    This article is a walk through on Jorder InfoSec CTF challenge: https://www.vulnhub.com/entry/jis-ctf-vulnupload,228/ This is a basic web challenge consisting of 5 flags. I ran it on Virtualbox with bridged mode. This app doesn’t require kali os. You can do it on windows as well. To find the vulnerable machines through your attacking machine: http://www.anonhack.in/2018/06/part-2-finding-the-ip-address-of-your-victim-in-your-vmware-hacking-lab-network/ Let’s see the…

  • SMTP – Extracting Emails

    In my article about What is SMTP?, We took a look on what exactly SMTP works for! In SMTP – Extracting Emails, I will be providing a tutorial on Extracting Emails from the SMTP server. There are several programs and scripts that are available for Gathering emails from a website. So It would be pretty…

  • The Art Of Getting Everything!

    It’s intriguing isn’t it? You can get any resource over the internet! I am writing this article because there is this thing I want to share with you people, i.e., You can get anything over the web and with anything I meant EVERYTHING. Now you might be saying is that some kind of joke isn’t…

  • Sniffing And Spoofing

    In this article I want to give you a sneak peak about what actually sniffing and spoofing means and then we will move on to how to do it in order to gain access to a remote computer. So here the first term which is sniffing. Sniffing: Sniffing as a hacking terminology is the way…

  • Network Mapping

    Network Mapping is the technique through which you map the architecture of a network. It works simply that means after getting information from Whois database and Domain Name system, Its time when you know the ranges of IP addresses and confirming the “Live” targets. We find live targets with the help of ICMP port probes…

  • DNS Reconnaissance

    DNS Reconnaissance is one of the basic steps and most important part of hacking. DNS stands for Domain Name Server, it keeps tracks of the record of IP addresses, services and resources connected to the Internet. Now as we know that computer works on binary numbers…So they would not actually understand the meaning of “www.google.com”,…