Exploiting XXE Using External Entities to Retrieve Files
The target has a feature (Check stock) that parses XML input and returns any unexpected values in the response. Thus,…

Android Pentesting with MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of…

Kali Linux Pentest Setup Script
This script automates many of the initial steps needed to configure Kali Linux for Penetration Testing. You can change and…

Eyewitness Web Application Triage Tool
EyeWitness is designed to take a file, parse out the URLs, take a screenshot of the web pages, and generate…

Transferring a Binary (NC.exe) Over a Remote Shell with exe2hex and PowerShell
Sometimes during a penetration test we need to transfer binaries into the target machine for exploitation when all we have…

Installing Bloodhound in Kali Linux
BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Attackers can use…