Category: Academy

Penetration Testing Wiki

10 RULES TO BECOME A GREAT PENTESTER

#1 The first step is to understand deeply how a computer and a network work; without this understanding you cannot understand what is happening behind the scenes. Get a good understanding of computer memory, network protocols, OS essentials, … #2 Kali Linux is the de facto standard for pentesting, so you will have to master Linux commands. #3…

Top 10 smart contract vulnerabilities on Ethereum

NCC Group started an initiative called DASP (Decentralized Application Security Project) in 2018. It covers the top 10 vulnerabilities found in smart contracts running on the Ethereum blockchain. This is a quick summary of the top 10: Reentrancy: occurs when external contract calls are allowed to make new calls to the calling contract before…

Interactsh: Open-Source OOB solution for SSRF, Blind SQLi, … in Kali Linux

Project Discovery, the same people behind the Nuclei scanner, which lets you customize vulnerability scanning from YAML templates, just released another awesome project called Interactsh. To keep it quick and short, it’s a free alternative to Burp Suite Collaborator that you can use in their SaaS platform or deploy in your own…

Cybersecurity Android Apps

Hacking Android apps in Windows with Frida (Part I)

Frida is a dynamic instrumentation toolkit to debug and analyze processes on multiple platforms (Windows, Linux, macOS, Android, iOS, …). Before installing frida-tools, you will need Python 3.x and the pip tool. After that you can easily install Frida by opening the Command Prompt as Administrator. That’s all you need on your laptop. As frida…

Fuzzing with Radamsa in BlackArch

Radamsa is a test case generator: it receives some input data and then scrambles it to return some random data. Random is truly random, which means that you can even receive the same string back 🙂 Unfortunately, radamsa doesn’t come by default in BlackArch or Kali Linux, so we have to build it and install…

Best Portswigger Burpsuite Pro plugins in 2021

Protobuf decoding (blackboxprotobuf): https://github.com/nccgroup/blackboxprotobuf
J2EEScan: https://portswigger.net/bappstore/7ec6d429fed04cdcb6243d8ba7358880
Param Miner: https://portswigger.net/bappstore/17d2949a985c4b7ca092728dba871943
Upload Scanner: https://portswigger.net/bappstore/b2244cbb6953442cb3c82fa0a0d908fa
Retire.js: https://portswigger.net/bappstore/36238b534a78494db9bf2d03f112265c
Msgpack: https://portswigger.net/bappstore/c199ec3330864d548ff7d6bf761960ba
Turbo Intruder: https://portswigger.net/bappstore/9abaa233088242e8be252cd4ff534988
More on https://pentestwiki.org/tools-for-web-penetration-testing/

How to disguise a covert channel with netcat like a harmless command

One of the most important steps after post-exploitation is to cover our activities and maintain access to the target. On Linux, BSD or Unix we can easily disguise a process name to hide our covert operations. We can abuse the C function execv() to show one command name but execute a completely different one. In the…

How to record your terminal💻 session on Linux🐧

Intro: When writing an article about ethical hacking techniques I tried many ways to record my terminal and keep good quality and resolution. If you record your screen directly with some screencast software, the letters of the terminal usually get pixelated, so it doesn’t look great. Then luckily I found terminalizer…

OpenSSL certificate from der to pem

To convert a DER certificate to PEM format, use the following openssl command:

How to intercept HTTPS Traffic from Android App

If you are interested in getting all traffic related to a specific app and you have a rooted phone, ProxyDroid is a good option: https://play.google.com/store/apps/details?id=org.proxydroid Before enabling the “Proxy Switch”, you have to point ProxyDroid to the machine where you have Burp Suite running and listening on the Wi-Fi interface. In my case 192.168.1.134 on…