Web Application Pentesting – Manual SQL Injection With Error Based String Method
SQL injection is a code injection technique used to gain access to a database (MySQL, MSSQL, Oracle, etc.). The OWASP 2018 release still describes this injection as an A1 or Level 1 injection, which is the most dangerous attack of all time. SANS Top 25 (Most...
WAFW00F – Web Application Firewall Detection Tool Using Kali Linux
Web application attacks are expanding day by day. Attackers want to exploit flaws in applications, and the best way for a website administrator to detect attackers' footprints is the website's Web Application Firewall. This will detect and block the specific patterns on the...
Load Balancer – How Does it Work With the Reconnaissance Phase During Penetration Testing?
A load balancer helps distribute network traffic across multiple servers to improve network and application performance. Reconnaissance work on the target is used to find out whether the target domain has a load balancer so that penetration testing does not...
EgressBuster – A Pentesting Tool to Compromise Victim via Command & Control using Firewall
Network firewalls act as a fortification to keep the internal corporate network secure. Many people think of a firewall as protecting a device from incoming traffic. Most outbound connections are insecure without egress traffic filtering. If egress traffic filtering failed...
Netcat vs Cryptcat – Remote Shell to Control Kali Linux from Windows machine
Netcat is a well-built network debugging tool that can read and write data across computers using TCP or UDP; it is also called a TCP/IP utility. It is capable of acting as a master and slave to do file transfer,...
DNS Shell – Tool to Compromise and Maintain Control Over Victim Machine
The DNS Shell protocol runs on the application layer of the TCP/IP model. When an attacker or pentester tries to exploit DNS with an RCE (Remote Command Execution) vulnerability, the destination server acts as the backdoor. The tool is a Python-based exploitation tool to compromise and also maintain...