PentestSkills Consulting

Practical Approach to Offensive Penetration Testing & Ethical Hacking

Exploiting MS17-010 without metasploit - BLUE Hack The Box without Metasploit

Reconnaissance First thing first, we run a quick initial nmap scan to see which ports are open and which services are running on those ports. nmap -sC -sV -O -oA initial 10.10.10.40 -sC: run default nmap scripts -sV: detect service version -O: detect OS -oA: output all formats and store...

READ MORE

Exploiting MS17-010 without metasploit - Legacy Hack The Box without Metasploit

Step 1. Reconnaissance. After planning and scoping, the first step in every penetration testing is Information Gathering and Vulnerability Identification or simply Reconnaissance. Most testers start with nmap, a powerful tool to determine open ports and services behind them. We’ll use a default...

READ MORE

How to Hack Without Metasploit for OSCP

What Do We Use Metasploit For? Before we figure out how to not use Metasploit, we need to have a clear idea of what we actually use it for in the first place. In the context of the OSCP labs, this is probably how you use it most: Finding exploits Customising payloads Privilege...

READ MORE

HOW TO HACK WEBCAM OF SOMEBODY TO TAKE PICTURES EVERY 30 SECONDS

INTRODUCTION Many people around the world are always interested to peek into other person computer. Image a hack that will help you to peek into other person webcam. Yes, today we will show you on how easy is for hackers to hack into someone computer and watch the webcam to take pictures every...

READ MORE

Credential Harvesting with Social Engineering Toolkit - Ethical Hacking & Offensive Penetration Testing

Credential Harvesting with Social Engineering Toolkit Introduction Credential harvesting can be used with many different types of attacks, but the ultimate goal is to make the user believe he has reached the site that he was trying to get to, such as Facebook or Google, and steal their...

READ MORE

HACKING YOUR FRIEND’S LOCATION BY SENDING HIM/HER A LINK WITH EXE

INTRODUCTION Sometimes we think, is it possible to get location of my friend’s or near ones? Today we will demonstrate step by step process on how we can grab the Geolocation of anybody using Windows 10. It can also be somebody who is trying to hack you or your victim or your friend. This all is...

READ MORE

STEAL YOUR FRIEND’S ANDROID PIN AND IPHONE PASSCODE USING A SINGLE LINK

Today, we are going to learn how to steal your friend's Android PIN and IPhone passcode using a single link. INTRODUCTION It’s easy to steal your friend’s Phone PIN and windows password using a single link. This all can be done by just sending a link to our friend. So today we will talk about a...

READ MORE

Web Application Security Testing Cheat Sheet

Web Application Security Testing Cheat Sheet Table of Contents:- 1 Introduction2 Purpose3 The Checklist3.1 Information Gathering3.2 Configuration Management3.3 Secure Transmission3.4 Authentication3.5 Session Management3.6 Authorization3.7 Cryptography3.8 Data Validation3.9 Denial of...

READ MORE

NMAP Scripts for Finding Vulnerabilities - Part 1

NMAP Scripts for Finding Vulnerabilities - Part 1 DNS Server Recursive Query Cache Poisoning Weakness nmap -sU -p 53 --script dns-cache-snoop.nse --script-args dns-cache-snoop.mode=nonrecursive IP DNS Server Spoofed Request Amplification DDoS nmap -sU -p 53 --script=dns-recursion Internet...

READ MORE

Know About 100 Best Hacking Tools

Penetration Testing & Hacking Tools List Online Resources – Hacking Tools Penetration Testing Resources Metasploit Unleashed – Free Offensive Security Metasploit course. Penetration Testing Execution Standard (PTES) – Documentation designed to provide a common language and...

READ MORE