Users often request the addition of vulnerability scanners to Kali, most notably the ones that begin with “N”, but due to licensing constraints, we do not include them in the distribution. Fortunately, Kali includes the very capable OpenVAS, which is free and open source. Although we briefly covered OpenVAS in …
Read More »Kali Linux on Windows Subsystem for Linux
Kali Linux developers and Offensive Security team is always trying to find new ideas and better ways to run Kali Linux. With the recent introduction of Windows Subsystem for Linux (WSL) in Windows 10, it opened a new way to run Kali Linux. Tell me, do you play games? Sure. …
Read More »Bypass Web Application Firewall using WAFNinja
WAFNinja is a CLI python tool that helps penetration testers to bypass Web Application Firewall by automating steps necessary for bypassing input validation. WAFNinja supports HTTP connections, GET and POST requests and the use of Cookies in order to access pages restricted to authenticated users. It also supports intercepting proxy, …
Read More »Hacking remote desktop protocol using rdpy
RDPY is a Microsoft RDP Security Tool developed in pure Python with RDP Man in the Middle proxy support. This allows a user to record sessions and develop honeypot functionality. It supports both Microsoft RDP (Remote Desktop Protocol) protocol client and server side. RDPY supports standard RDP security layer, RDP …
Read More »WPSeku – WordPress Security Scanner
WPSeku is a black box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues. Features of WPSeku WordPress Security Scanner WPSeku supports various types of scanning including: Testing for XSS Vulnerabilities Testing for SQL Injection Vulnerabilities Testing for LFI Vulnerabilities Bruteforce login via …
Read More »