This is pretty old trick but not heavily used. You can run your Virtual Machines in VMware KVM mode with VMware Workstation 10.x or higher. This has been available to VMWare Workstation users since 2014 but I sincerely don’t know how many people actually uses it or even know about …
Read More »Bypass Web Application Firewall using WAFNinja
WAFNinja is a CLI python tool that helps penetration testers to bypass Web Application Firewall by automating steps necessary for bypassing input validation. WAFNinja supports HTTP connections, GET and POST requests and the use of Cookies in order to access pages restricted to authenticated users. It also supports intercepting proxy, …
Read More »Hacking remote desktop protocol using rdpy
RDPY is a Microsoft RDP Security Tool developed in pure Python with RDP Man in the Middle proxy support. This allows a user to record sessions and develop honeypot functionality. It supports both Microsoft RDP (Remote Desktop Protocol) protocol client and server side. RDPY supports standard RDP security layer, RDP …
Read More »Create MITM Test Environment using Snifflab
Snifflab is a technical test environment for capturing and decrypting WiFi data transmissions. Snifflab creates a WiFi hotspot that is continually collecting all the packets sent over it. All connected clients’ HTTPS communications are subjected to a “Man-in-the-middle” attack, whereby they can later be decrypted for analysis. This article presents …
Read More »Gain root access in macOS High Sierra #iamroot
It’s a rather embarrassing a bug that was discovered by developer Lemi Ergin that allows anyone to gain root access in macOS High Sierra with a blank password. Yes, all you need to do is just press enter enough times and you’re root. In fact everyone now using #iamroot just to …
Read More »