web-application-hacking

You are at:Home»Category: "Web Applications"

Browsing: Web Applications

In this section we will be publishing hacking tutorials related to pentesting web applications and webservers. You’ll be learning how hackers enumerate usernames on the very popular WordPress CMS and how passwords are bruteforced with wpscan. If you want to learn more about web vulnerability scanners like Nikto and Uniscan, you’re in the right section.

Exploit tutorials

By Hacking TutorialsDecember 17, 2021 0

Log4Shell VMware vCenter Server (CVE-2021-44228)

Log4Shell is a critical vulnerability with the highest possible CVSSv3 score of 10.0 that affects thousands of products running Apache Log4j and leaves millions of targets potentially vulnerable. CVE-2021-44228 affects log4j versions 2.0-beta9 to 2.14.1.…

Web Applications

By Hacking TutorialsNovember 14, 2017 0

Discovering subdomains with Sublist3r

Today we’re going to do a small tutorial on subdomain enumeration with a tool called Sublist3r. Whether you’re a penetration tester enumerating possible attack vectors or a bug bounty hunter looking for domains that are in…

Web Applications

Webserver fingerprinting with Uniscan in Kali Linux

By Hacking TutorialsAugust 10, 2015 2

Uniscan Webserver fingerprinting in Kali Linux

Uniscan is a simple but great tool for Remote File Include, Local File Include and Remote Command Execution vulnerability scanner. In this tutorial we will be exploring the webserver fingerprinting functionality in Uniscan on Kali Linux.…

Metasploit Tutorials

By Hacking TutorialsJune 28, 2015 0

Websploit Cloudflare Resolver module

In this tutorial we will be testing and using the Cloudflare resolver module in Websploit on Kali Linux. Cloudflare is a company that provides a content delivery network and distributed DNS (Domain Name Server) services, sitting…

Metasploit Tutorials

By Hacking TutorialsJune 7, 2015 1

Websploit Directory Scanner – Scanning webserver directories

In the next few tutorials I will explain how to use the different Websploit modules. WebSploit is an open source project for web application assessments. In this tutorial we will be using the websploit directory…

Web Applications

By Hacking TutorialsJune 3, 2015 22

How to hack a WordPress website with WPScan

This tutorial in the category Wordpress hacking will teach you how to scan WordPress websites for vulnerabilities, enumerate Wordpress user accounts and brute force passwords. Enumerating WordPress users is the first step in a brute force attack in order…

Web Applications

Scanning Webservers with Nikto Kali Linux

By Hacking TutorialsMay 31, 2015 3

Scanning Webservers with Nikto for vulnerabilities

Nikto is a very popular and easy to use webserver assessment tool to find potential problems and vulnerabilities very quickly. This tutorial shows you how to scan webservers for vulnerabilities using Nikto in Kali Linux. Nikto comes…