Blog

Penetration Testing Wiki

How to scan a host with RustScan

When performing a penetration test, one of the most crucial parts is scanning and enumeration: if you miss an important port at this stage, you are giving up a juicy part of the attack surface for compromising the machine. Nmap is the de facto standard for port scanning, however it’s great to know that there are…

How to download Windows legally for FREE for your pentesting labs or malware analysis

Sometimes we need a fresh Windows install to use as a sandbox, try some exploits, etc. The best method is to virtualize it using VirtualBox or VMware, but how do you do that without buying a license every time? 🙂 Here is the solution: https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ Please note that these virtual machines expire after 90 days, but…

Note taking for the OSCP certification

It doesn’t matter whether you are doing a pentest engagement for a client or working through your OSCP certification, note taking is a mandatory skill. You can use Microsoft OneNote as many people do; two other open-source options are KeepNote and CherryTree. Here are a couple of examples I personally use:

10 RULES TO BECOME A GREAT PENTESTER

#1 The first step is to understand deeply how computers and networks work; without this understanding you cannot know what is happening behind the scenes. Get a good understanding of computer memory, network protocols, OS essentials,… #2 Kali Linux is the de facto standard for pentesting, so you will have to master Linux commands. #3…

Pentestwiki.org joins the Brave Verified Creator program

BAT (Basic Attention Token) is a crypto token natively supported by the Brave web browser, which blocks standard trackers and cookies and shows you a limited number of ads in a pop-up window. For each ad you can earn around 0.005 BAT, and you can also send BAT to websites that are part of the BAT…

Top 10 smart contract vulnerabilities on Ethereum

NCC Group started an initiative called DASP (Decentralized Application Security Project) in 2018. It covers the top 10 vulnerabilities found in smart contracts running on the Ethereum blockchain. This is a quick summary of the top 10: Reentrancy: occurs when external contract calls are allowed to make new calls to the calling contract before…

Certified Blockchain Security Professional certification

After studying blockchain for a while, I decided to apply for the Blockchain Training Alliance (BTA) Certified Blockchain Security Professional Certification, CBSP for short. The exam covers the basics of blockchain consensus algorithms, advanced blockchain security mechanisms (permissioned blockchains, checkpointing, multisignatures, ring signatures, stealth transactions, confidential transactions, zero-knowledge proofs and Pedersen commitments), network-level attacks (51%…

Interactsh: Open-Source OOB solution for SSRF, Blind SQLi, … in Kali Linux

Project Discovery, the same people behind the Nuclei scanner that lets you customize vulnerability scanning with YAML templates, just released another awesome project called Interactsh. To keep it quick and short, it’s a free alternative to Burp Suite Collaborator that you can use on their SaaS platform or just deploy on your own…

Cybersecurity Android Apps

Hacking Android apps in Windows with Frida (Part I)

Frida is a dynamic instrumentation toolkit for debugging and analyzing processes on multiple platforms (Windows, Linux, macOS, Android, iOS, …). Before installing frida-tools, you will need Python 3.x and the pip tool. After that you can easily install Frida by opening the Command Prompt as Administrator: That’s all you need on your laptop. As frida…

Fuzzing with Radamsa in BlackArch

Radamsa is a test case generator: it receives some input data and scrambles it to return random data. Random is truly random, which means you can even receive the same string back 🙂 Unfortunately radamsa doesn’t come by default in BlackArch or Kali Linux, so we have to build it and install…