Archive for May 2012
Metasploit is a very powerful penetration testing software and framework, metasploit has so many exploits and auxiliary modules that can perform so many tasks. There are so many auxiliary modules are available and this is the video tutorial made by mAx and I am just sharing the video tutorial. The video is the demonstration of credential sniffing via metasploit Psnuffle auxiliary module.
Posted in: EH Tips, EH Tools, Guest Post, Infosec, Linux, Pen-Testing, Tutorial, Vulnerability, WordPress, WP Security Scan
WordPress is one of the best and most popular content management system (CMS) among bloggers and there are a lot of bloggers using WordPress as a CMS. Wordpress is on the hit list of the hackers and spammers, spammers use their malware to compromise a wordpress website that is why reverse engineering of malware is necessary.
Information security is a broad field and it involves the penetration testing and computer forensic as well, there are so many tools are available to perform the penetration testing on the target, Metasploit is one of the best tool among them. Meterpreter is a powerful feature of metasploit that uses DLL injection to communicate over the socket. Meterpreter works on the client-side by providing a powerful environment to communicate, to transfer files.
By default all operating systems, including Linux, save passwords of previously connected Wi-Fi access points. There are ways to export these saved passwords to be used in other computers. Third party software like LastPass and WirelessKeyView can save your saved passwords, and import them to other computers. Mac users can use LastPass and 1Password to save their passwords, including Wi-Fi passwords.
SQL injection is the most dangerous and common web application attack, there are so many tools are available to exploit the SQL-injection vulnerability like Havij and SQLmap but to find a vulnerability is an important step to exploit the web application. So in this article we will discuss about a wonderful tool that can find the SQL-injection vulnerability on a web application.
Metasploit has now become the king of tools used in penetration testing. It’s comprised of a collection of all available exploits. The tool has its pros and cons; some advantages are:
- It automates the process of penetration testing
- Fast (less time require)
- It offers a lot of advanced features that we will discuss step by step