How to bruteforce a login page? – Blazy

What is Blazy? Blazy is a python script to bruteforce login pages. The script takes input from usernames.txt and passwords.txt and try every possible combination to find the correct authentication credentials. It can also check for login bypass via SQL injection and CSRF. Common usernames and passwords can be downladed online. kali linux has a […]

How to exfiltrate data using data exfiltration toolkit – DET ?

In this tutorial we will use Data Exfiltration Toolkit (DET) on a hacked pc to gather data. A compromised system can be infected with DET and send data over various protocols to a control server. All you have to do is setup a listening server on the attacker machine and deploy DET client on target […]

PowerHammer – Hackers can steal data from power cords and grids

We all have seen “in case of cyber attack, pull the Ethernet cables” meme. That wont stop hackers from accessing your PC anymore. Disconnecting your pc from network means no data leak or cyber attack right? No, A team of academics developed and tested malware that can exfiltrate data from  computers via power lines. The team […]

What is an Early bird code injection technique?

Evading anti malware software has always been a challenge for the hackers out there. Anti viruses are getting smarter everyday by using behavior analysis by implementing machine learning algorithms. Now hackers have developed a new code injection technique called Early bird. In simple words, As the name suggests the malware is injected to a working […]

torghost v2.0

TorGhost v2.0 Released!! – With instant IP switching

Torghost v1 is just a tool to route all connection through tor network. You can find more about basic working here TorGhost – channel all traffic through tor network in kali linux Whats new with torghost 2.0 Torghost comes with an update where you can change tor’s exit node instantly. It can interact with tor’s control […]

E book web aplication security handbook PDF Khromozome

Web application Hacker’s handbook 2 PDF

DOWNLOAD  Contents Chapter 1 Web Application (In)security Chapter 2 Core Defense Mechanisms Chapter 3 Web Application Technologies Chapter 4 Mapping the Application Chapter 5 Bypassing Client-Side Controls Chapter 6 Attacking Authentication Chapter 7 Attacking Session Management Chapter 8 Attacking Access Controls Chapter 9 Attacking Data Stores Chapter 10 Attacking Back-End Components Chapter 11 Attacking Application […]

Fireball malware

FIREBALL – Malware Alert! millions of systems infected again

After the WannaCry ransomware attack, checkpoint researcher has found a Chinese based threat operation called “FIREBALL”. The FIREBALL malware has affected more than 250 million computers across the globe, India being the most affected one contributing 10 percent. The malware is run by a Beijing based company called Rafotech. who sells digital stuffs and mobile […]

meterpreter rubber ducky attiny85

How to get meterpreter shell with a Rubber ducky – attiny85

In the previous blog i have introduced what is a rubber ducky and how to use attiny85 as a rubber ducky. If you haven’t read that, you can check it out here. This is an arduino based chip with a low space available. We cant load a huge payload in to the flash memory. Here […]

Rubber ducky, attiny85, mr robot hack, bad usb

1$ Rubber Ducky – Hack any PC within seconds MR.Robot style using Attiny85

We all have seen the hacking scenario in movies where the hacker plugs a USB and the whole system gets pwned. That scene is now possible. Hack5 have released their specially customized USB hardware called rubber ducky or bad USB for this plug and hack method. It can be loaded with codes to run pretty […]