82.5 F
High Point
Parrot OS
Parrot OS Configuration This is how I set up my Parrot OS after installation. There are a few things I believe are missing that should be installed or done. I like to keep things as real as possible so this will be hackers set up. UFW VPN Kill Switch

PoisonTap

Samy Kamkar's PoisonTap
Samy Kamar a security researcher has developed an IoT device that runs a python script called PoisonTap. This is a great article worth reading. It's affordable and can siphon cookies, expose internal routers and install backdoors.

SSH Tunneling

SSH Tunneling When you need to access a server/client behind a firewall that doesn't allow port forwarding you can use SSH tunneling to bypass that if an SSH server is running. Pivoting is a sneaky technique that hackers use to access computers, servers, and services behind firewalls. These examples will use OpenSSH. I think...
Enumerating Samba/SMB Servers Unintentionally leaving port 445 open or misconfiguring Samba can risk catastrophic damage to a corporation. Enumerating the Samba/SMB port can return critical information about file shares, users, printers and network groups. This can be a cornerstone for brute forcing accounts and accessing unprotected Samba shares. enum4linux
Ubiquiti Edgerouter Lite
Upgrading Firmware on a Ubiquiti Edgerouter Lite with SSH The Ubiquiti Edgerouter Lite provides the ability to create a virtual LAN (vLAN) for $129 dollars. This is a quality VPN solution that was highly recommend from someone who owns a data center. Seriously... well worth the money. Upgrading my router from...
PowerShell for Hackers As I'm learning more PowerShell and dabbling into hacking I will be composing a list of techniques and scripts that I find very beneficial for administration and pen-testing. Basics System Running Processes
Force TLS in .NET Versions before ASP.NET 4.7 default to making outbound connections using TLS 1.0. This is a real problem for security for many reasons. It's now been deprecated with many CVEs. Some of these vulnerabilities make TLS 1.0 vulnerable to man-in-the-middle attacks. A lot of APIs will not accept incoming requests from...
Parrot OS 4.7 Full-Screen Issue This is a quick easy fix. By default, it appears that Parrot OS 4.7 virtual appliance (.ova) doesn't come with VirtualBox Guest Additions installed. Once you have booted up Parrot OS run this command to install the VirtualBox Guest Utilities. Once this is installed, you may reboot and everything...
Post Exploitation Recon I frequently experience dead-ends on the more difficult CTF boxes. I've found that once acquiring a reverse shell I need to do some extensive internal recon. Sometimes the service that will be vulnerable is hidden and you must find it. Here are some ideas...
How to Learn Penetration Testing I personally believe people who want to get into penetration testing should have a very strong foundation in computer science and have either worked professionally as a programmer or an individual in infrastructure. If you still feel like you are cut out for hacking then here's...
Software Developer, Designer, After Effects, WordPress, XRM, InfoSec, DevOps, Hapkido

WEATHER

High Point
broken clouds
82.5 ° F
85 °
80 °
54 %
3.9mph
75 %
Wed
86 °
Thu
83 °
Fri
84 °
Sat
87 °
Sun
74 °

POPULAR ARTICLES