security

DDoS attack with Torshammer Tool

Step by step instructions to perform a DDO attack on a website and bring down the website

Kennedy Muthii5 min read
security

5 Most Used Tools to Dox Someone [Free and Paid]

5 paid and open source doxing tools to dox someone using different methods

Kennedy Muthii6 min read
security

Snapchat Phishing using Grayfish [100% Working]

Step by step instructions to perform snapchat phishing using grayfish. Hack snapchat account using grayfish with examples

Kennedy Muthii5 min read
security

Spectre v2 mitigation leaves CPU vulnerable to RETBleed attacks in Ubuntu

The other day I noticed this specific message on the console of Virtual Box VM installed with Ubuntu 22.04 RETBleed: WARNING: Spectre v2 mitigation leaves CPU vulnerable to RETBleed attacks, data leaks possible! As you …

Deepak Prasad5 min read
security

How to perform Evil Twin WiFi Attack [Step-by-Step]

Step by Step instructions to perform evil twin wifi attack on WPA/WPA2 devices. Use airgeddon to perform evil twin wifi attack on Kali Linux

Kennedy Muthii6 min read
security

How to set up WordPress Reverse Shell [100% Working]

Step by Step instructions to setup wordpress reverse shell using 3 different methods. Setup reverse shell using metasploit framework, vulnerable plugins, editing wordpress themes.

Deepak Prasad6 min read
security

Steps to embed payload in PDF [100% Working]

step by step instructions to embed payload in pdf to attack a windows system. Get backdoor access to windows system by exploiting a pdf file

Kennedy Muthii6 min read
security

Using WPA2 WiFi Honeypot for Ethical Hacks [Step-by-Step]

Create a malicious WiFi honeypot to steal passwords and other personal information of our targets.

Kennedy Muthii7 min read
security

Easy OSINT using infooze tool V 1.0 [With Examples]

Infooze is an open source intelligence tool made with Nodejs and automates the information gathering process helping the user gather information in a quicker

Kennedy Muthii6 min read
security

Damn Vulnerable Web Application hacking [Top 3 Easy Exploits]

Damn Vulnerable Web Application hacking [Top 3 Easy Exploits] damn vulnerable web app Hello learners, in this guide we will be learning how to execute web attacks on Damn Vulnerable Web App. DVWA is an open source …

Kennedy Muthii6 min read
security

How to create windows undetectable payload - technowlogger

A keylogger is a tool mainly used by hackers to collect user input data on a device. An example of a keylogger is the technowlogger. Over the years, hackers

Kennedy Muthii5 min read
security

Social Engineering Toolkit Credentials Phishing [5 Easy Steps]

In some Kali Linux distributions, social engineering toolkit is already installed. To install SET, we will clone it from its official github repository as

Kennedy Muthii5 min read
security

Use SocialFish V3.0 for simplified phishing [Step-by-Step]

Hello learners, in this guide we will be using socialfish to acquire credentials form our target. In the previous guides we learnt what is social engineering

Kennedy Muthii5 min read
security

How to install Caine 11.0 VM [Step-by-Step]

Hello learners, in this guide I will be showing you how you can install Caine forensic operating system as a virtual machine. The full meaning of the word

Kennedy Muthii6 min read
security

3 easy steps to obfuscate android payload to avoid detection [ApkBleach]

Hello learners, in the first part of our android payload guide, we embedded an android payload to a legitimate application. The application is however getting

Kennedy Muthii5 min read
security

Complete Shodan Tutorial | The Search Engine for Hackers

Shodan is a search engine but very different from regular search engines like Google, Yahoo, Bing, etc., which search the web for standard websites. Shodan

Deepak Prasad7 min read
security

Encode message in image with Steganography [Step-by-Step]

In this tutorial we learn about 3 different tools which can be used to encode or decode messages inside image using steganography.

Kennedy Muthii6 min read
security

Analyze phishing email using Thephish [100% Working]

In this tutorial we shared step by step instructions to analyze phishing email using ThePhish which uses other open source yet powerful tools (MISP, Cortex and TheHive).

Kennedy Muthii5 min read
security

How to bypass CSRF Protection [5 Different Methods]

In this article, we have learnt about what is an CSRF attack and how we can use CSRF attacks to exploit and also bypass CSRF protection.

Deepak Prasad7 min read
security

Analysing Volatility Memory Dump [6 Easy Steps]

In this step by step tutorial we were able to perform a volatility memory analysis to gather information from a victim computer as it appears in our findings. We were able to discover a malware which has camouflaged as a …

Kennedy Muthii7 min read
security

Create phishing campaign with Gophish

Step by step instructions to create a phishing campaign using gophish framework. We have configured sending profile, added the sending profile and templates required to carry out the phishing tests.

Kennedy Muthii5 min read
security

Use Burp Suite Proxy to Intercept Network Traffic [Step-by-Step]

Step by step instructions to setup and configure burp suite proxy to intercept network traffic with examples.

Deepak Prasad9 min read
security

Embed Metasploit Payload on APK on Android File [Step-by-Step]

Step by Step instructions to use metasploit and kali linux to embed a payload on apk file using FatRat.

Kennedy Muthii7 min read
security

BEeF Hacking Framework Tutorial [5 Easy Steps]

Step by step instructions to use beef hacking framework with example. Beef hacking framework is a powerful tool that can be leveraged by systems security professionals to try and design systems especially web apps which …

Kennedy Muthii6 min read
security

DVWA SQL Injection Exploitation Explained (Step-by-Step)

SQL injection proves to be a critical vulnerability that can exist in a system. The DVWA acts as a reliable resource for both penetration testers who want to improve their skills and web developers who want to develop …

Deepak Prasad6 min read
security

Password Cracker - John The Ripper (JTR) Examples

John The Ripper (JTR) is one of the most popular password cracking tools available in most Penetration testing Linux distributions like Kali Linux, Parrot OS, etc

Deepak Prasad6 min read
security

Defensive Programming Techniques Explained with Examples

Defensive programming can be tough to write source code, but it results in high- quality foolproof code

Deepak Prasad6 min read
security

How to stop ICMP ping flood attack (DOS) on Linux

Prevent ping flood attack in Linux using iptables and firewalld for both IPv4 and IPv6. Apply hash limit to ICMP Echo request to control ping flood in Linux and Unix servers.

Deepak Prasad7 min read
security

How to disable ICMP and ICMPv6 redirects in Linux

Steps to block and disable ICMP redirects for IPv4 and IPv6 in Linux using firewalld and accept_redirects. You can disable these if host is not running as a router.

Deepak Prasad4 min read
security

How to disable SELinux (with and without reboot)

What is SELinux and how can i disable SElinux permanently with or without reboot. Change SELinux mode runtime using setenforce. Enable permissive mode for individual service

Deepak Prasad8 min read