Category: Tutorials

  • Gaining access to SS7 – Part 1: Finding an access point

    Today I gonna try to write my very first „How To“, so… Never done that, never been there, show mercy! I decided to do that because I couldn’t find anything comparable on the internet so far and I thought maybe someone out there might be interested as well and might find some help in it…

  • My First SS7 attack

    I got a pm today asking me if I had “fully figured out and gained access to SS7 ?” Sadly the answer to parts A and B of that question is no, but I could have, I think. After much searching & scanning, I stumbled across a SGFW running default creds.Winner johnny… Full card… I…

  • The Dangers of Arbitrary Image Vulnerability

    Difficulty: Insane #NMAP: Nice, seems to be a WordPress site. Now let’s go browse. Being a wordpress site, I already know the login directory is wp-login.php. Navigate on it. The first thing I can think of is to use a fantastic tool, “wp-scan” and enumerate the users. Or see if we can find any vulnerabilities…

  • Testing School Website Security: Penetration Testing

    In this Article, I conduct a thorough penetration testing on my school’s website to ensure its security against potential cyber threats. By simulating various hacking techniques, I aim to uncover any vulnerabilities that could compromise sensitive information. Follow along as I demonstrate the importance of regular security assessments and how to protect your online assets.…

  • DevOps Penetration Testing: Securing Your Infrastructure

    In this video, we explore the world of DevOps penetration testing and how it can help secure your infrastructure. With the rise of DevOps practices, it’s crucial to ensure that your systems are protected from potential threats. Join us as we discuss the importance of penetration testing in a DevOps environment and how it can…

  • The Road to Cybersecurity Firm Success!

    Welcome to our video discussing the journey to success for cybersecurity firms! In this video, we dive into the steps and strategies that top-level organizations can take to stay proactive in cybersecurity measures. As cyber threats continue to evolve, cybersecurity firms play a crucial role in protecting businesses from potential attacks. By understanding the unique…

  • Mastering Joomla Penetration Testing: The Complete Guide

    Welcome to our comprehensive guide on mastering Joomla penetration testing! In this video, we will cover everything you need to know to effectively test the security of Joomla websites. From understanding common vulnerabilities to exploring advanced techniques, this guide will equip you with the knowledge and skills to confidently assess the security of Joomla sites.…

  • BassamCTF Walkthrough

    BassamCTF is an easy machine from Vulnhub. However, it requires a bit of enumeration that are straightforward. Find the IP address First of all, I identified the IP address of the target machine. Here, host ID 100 is my IP address, whereas 146 is the target. Scan open ports Next, I scanned open ports on…

  • A Detailed Guide on Ligolo-Ng

    This comprehensive guide delves into the intricacies of Lateral Movement utilizing Ligolo-Ng, a tool developed by Nicolas Chatelain. The Ligolo-Ng tool facilitates the establishment of tunnels through reverse TCP/TLS connections using a tun interface, avoiding the necessity of SOCKS. This guide covers various aspects, from the tool’s unique features to practical applications such as single…

  • Uncovering Vulnerabilities: Command Injection Penetration Testing

    In this video, we will be diving deep into the world of command injection penetration testing. Command injection is a type of vulnerability that allows an attacker to execute arbitrary commands on a system. By uncovering such vulnerabilities through thorough testing, we can prevent potential security breaches and protect our systems from malicious attacks. During…