CTF: Kioptrix 3
This is another OSCP like VulnHub that was very fun to do. I didn't have any issues rooting this one and was able to do it rather quickly.You will get practice with:
nmapmetasploitmysql clientfile privilege escalation
Enumeration
I start off with an arp-scan to find the local machine... and it turns out that my box is 192.168.0.46. Let's get this...
BlackArch Default Login / Password
BlackArch Linux is a distro that is focused on pen-testing and hacking. This distro includes over 2,300 tools for pen-testing.
User: rootPassword: blackarch
Changing Your Password
To bring up a terminal you will need to right-click the desktop and select terminals -> term
Once Terminal is open type
Hardening ASP.NET Response Headers (Code)
A reliable way to harden your ASP.NET web application is to remove and skew the response headers via code. This will throw off automated scans that are performing banner grabbing in an attempt to identify vulnerabilities. There are ways to do this in IIS, however, performing this in code means it's applied everywhere that the...
Parrot OS Configuration
This is how I set up my Parrot OS after installation. There are a few things I believe are missing that should be installed or done. I like to keep things as real as possible so this will be hackers set up.
UFW VPN Kill Switch
This script will disallow traffic through the ethernet and WiFi port and allow...
Offensive .NET: C# Reverse Shell
https://www.youtube.com/watch?v=NqwpwusH6WU
Creating a .NET C# reverse shell that is undetectable is very easy. In this example, I'm going to use BankSecurity's reverse shell that I forked. This is a real basic reverse shell. Some of the more advanced code will be obfuscated and do some sort of process injection which would include shellcode.
I'll show you how...
Docker for Pentesters
Docker is truly one of the most fascinating changes to come to software development over the last 10 years. While the concept of containerization has been around since 1979; starting with the advent of chroot. Docker has revolutionized how containerization works. Docker made it easy to not only use containers but downloading fully functional environments can be...
Upgrading Firmware on a Ubiquiti Edgerouter Lite with SSH
The Ubiquiti Edgerouter Lite provides the ability to create a virtual LAN (vLAN) for $129 dollars. This is a quality VPN solution that was highly recommend from someone who owns a data center. Seriously... well worth the money.
Upgrading my router from firmware version 1.2 was difficult because there is a bug...
Customize PowerShell in Windows Terminal
The all-new Windows Terminal is truly amazing and packed with many features. It is also fully customizable! I highly recommend configuring Windows Terminal to have a customized background and to install Oh My Posh.
Setting a Custom Background
If you go to the settings under Windows Terminal it will open a "settings.json" file that is editable.
Settings
Vim
I'm a...