Hacking Tutorials
Recently a “design flaw” in the Microsoft Exchange’s Autodiscover protocol was discovered by researchers that allowed access to 372,072 Windows domain credentials and 96,671 unique sets of credentials from applications such as Microsoft Outlook and third-party email clients. According to Amit Serper , the person who discovered the flaw, the…
A week before the 2019 holidays Citrix announced that an authentication bypass vulnerability was discovered in multiple Citrix products. The affected products are the Citrix Application Delivery Controller (formerly known as NetScaler AD), Citrix Gateway NetScaler ADC (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP appliance. Exploiting the vulnerability…
For all scans so far, we’ve only used the default scan configurations such as host discovery, system discovery and Full & fast. But what if we don’t want to run all NVTs on a given target (list) and only test for a few specific vulnerabilities? In this case we can…
In the previous parts of the Vulnerability Scanning with OpenVAS 9 tutorials we have covered the installation process and how to run vulnerability scans using OpenVAS and the Greenbone Security Assistant (GSA) web application. In part 3 of Vulnerability Scanning with OpenVAS 9 we will have a look at how…
Is the previous tutorial Vulnerability Scanning with OpenVAS 9.0 part 1 we’ve gone through the installation process of OpenVAS on Kali Linux and the installation of the virtual appliance. In this tutorial we will learn how to configure and run a vulnerability scan. For demonstration purposes we’ve also installed a…
CVE-2019-19781: Citrix ADC RCE vulnerability
A week before the 2019 holidays Citrix announced that an authentication bypass vulnerability was discovered in multiple Citrix products. The affected products are the Citrix Application Delivery Controller (formerly known as NetScaler AD), Citrix Gateway…
TP Link Archer C5 Router Hacking
Today we got our hands on a brand new TP Link Archer C5 router which we will be testing for known vulnerabilities such as hidden backdoors and vulnerabilities, brute force default passwords and WPS vulnerabilities.…
The Great Leak: Microsoft Exchange AutoDiscover Design Flaw
Recently a “design flaw” in the Microsoft Exchange’s Autodiscover protocol was discovered by researchers that allowed access to 372,072 Windows domain credentials and 96,671 unique sets of credentials from applications such as Microsoft Outlook and…
Latest Hacking Tutorials
During the last 3 months it was more quiet than usual on Hacking Tutorials. In this period less tutorials and articles were publish on Hacking Tutorials but there was a very good reason for that. For the last 3 months I have followed Offensive Security’s Penetration testing with Kali Linux (PWK) course and got certified as OSCP. In this article I will be reviewing the courseware, the labs and the brutal 24 hour exam. We will also look at which prior knowledge would be beneficial during the course and how to get this knowledge. We will conclude this article with some tips and hints that helped me passing the exam. OSCP courseware and videos The Penetration testing with Kali Linux courseware contains a PDF file and instruction videos on all subjects. The course covers many different subjects such as passive and active information gathering with many different tools but also writing simple buffer…
In this article on Hacking Tutorials we will be looking at a new penetration testing course priced at only $99,- offered by a newcomer on the block: The Virtual Hacking Labs. The Virtual Hacking Labs & Hacking Tutorials offer a full penetration testing course that includes access to an online penetration testing lab for practical training. The penetration testing lab contains 30 vulnerable machines that can be used to practice penetration testing techniques and tools in a safe way. All vulnerable machines and scenarios are based on real life scenarios as you would encounter on real company networks. After completing the courseware and the lab machines the student will have a good understanding of basic penetration testing techniques and practical experience applying these techniques. Penetration Testing Courseware The penetration testing course and the virtual labs are targeting both beginning and experienced penetration testers. The courseware covers subjects like enumeration, vulnerability assessments and exploitation from the ground up…
The other day, I stumbled across an interesting blog post with the subject Certified Ethical Hacker (CEH) vs. Offensive Security Certified Professional (OSCP) . . . and How to Start Your Ethical Hacker Career”. I did not only read this article but I devoured it and kept nodding my head, in agreement, as I read through it. I am at a stage of my ethical hacking career that I am seriously considering the notoriously difficult OSCP certification. Let me explain why I would introduce a blog post on Certified Ethical Hacker review by mentioning another post comparing CEH to OSCP. After reading the post, I immediately shared it with my colleagues. One of them will be undertaking the CEH course and exam shortly. He asked me to advise him on how to approach this undertaking. His request is in a way, what prompted me to write this post. Before I…
Metasploitable 3: Meterpreter Port forwarding
In this Metasploitable 3 Meterpreter Port forwarding hacking tutorial we will learn how to forward local ports that cannot be accessed remotely. It is very common and good practice to run specific services on a local…
Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations
For all scans so far, we’ve only used the default scan configurations such as host discovery, system discovery and Full & fast. But what if we don’t want to run all NVTs on a given…
Malware Types Explained
In this article we will be looking at the different kinds of malware and what they do. When performing static or dynamic malware analysis it is crucial to have a good understanding of the different…
Discovering subdomains with Sublist3r
Today we’re going to do a small tutorial on subdomain enumeration with a tool called Sublist3r. Whether you’re a penetration tester enumerating possible attack vectors or a bug bounty hunter looking for domains that are in…
