Posts

Use Metasploit's WMAP Module to Scan Web Applications for Common Vulnerabilities

Having an efficient workflow is an integral part of any craft, but it's especially important when it comes to probing apps for vulnerabilities. While Metasploit is considered the de facto standard when it comes to exploitation , it also contains modules for other activities, such as scanning . Case in point, WMAP, a web application scanner available for use from within the Metasploit framework. A web application scanner is a tool used to identify vulnerabilities that are present in web applications. WMAP makes it easy to retain a smooth workflow since it can be loaded and run while working inside Metasploit. This guide will feature DVWA (Damn Vulnerable Web Application) as the target and Kali Linux and Metasploit on the offensive. created:- SHASHIKA NIMSARA Step 1--- Set Up Metasploit Database *The first thing we need to do, if it's not done already, is set up the Metasploit database, since this particular module needs it in order to r

how to hack facebook using SQL

Hack a Facebook Account On XAMPP/WAMP Hack a Facebook Account on XAMPP or WAMP , 5 Steps how to hack a facebook account and to answer some question on request tutorial page. In the last tutorial 5 steps how to hack a facebook account , we use the online free hosting for the step by step tutorial . Today we will try to do that in our local environment by using XAMPP or WAMP server. The purpose of this tutorial is sometimes we want to make sure the setting was correct in local, so when we upload to real server it will works as we've already try in local. If you still don't know what is XAMPP and WAMP , XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl. XAMPP is really very easy to install and to use – just download, extract and start. WampServer is a Windows web development environment. It allows you to create web applications with Apache2, PHP and a MySQL database . Alongside, PhpMyAdmin allows you to manage easily your databases.

Wi-Fi Jamming

Image
How To : Detect Script-Kiddie Wi-Fi Jamming with Wireshark Due to weaknesses in the way Wi-Fi works, it's extremely easy to disrupt most Wi-Fi networks using tools that forge deauthentication packets. The ease with which these common tools can jam networks is only matched by how simple they are to detect for anyone listening for them. We'll use Wireshark to discover a Wi-Fi attack in progress and determine which tool the attacker is using. Detecting Common Wi-Fi DOS Attacks While these script-kiddie attacks can be very disruptive, they can also be detected by a variety of free and open-source tools. Software like Wireshark can be quite overwhelming for a beginner, especially without knowing what you're looking for in the flood of information available. To get started detecting these attacks, we'll be using Wireshark to sniff packets

Hack Windows Password Using Live Kali linux

Prerequisites: bootable kali linux cd/usb to reset windows password we will use chntpw for editing the SAM database where Windows stores password hashes. What Is Chntpw? chntpw is a software utility for resetting or blanking local passwords used by Windows NT, 2000, XP, Vista, 7, 8 and 8.1. It does this by editing the SAM database where Windows stores password hashes.see more on wikipedia. What Is SAM Database? The Security Account Manager (SAM) is a database file in Windows XP, Windows Vista and Windows 7 that stores users' passwords. More on wiki and microsoft. Now Lets Start: Boot Windows Machine with the LiveCD. select Live open terminal mount partition on which Windows System files are installed(C: Drive of Windows). it name could be sda1, sda3 or something like like this. mount /dev/sda1 /mnt Go to Windows Password Database Directory generally located in /Windows/System