Discover IP Space

Let's say that you have a target and want to find the IP space for that target. By knowing this info you will have a good reference for how much they have out there on the internet. The following sites will give you a good start to find…

Bug Bounty Automation: Subdomain enumeration

Discovering subdomains manually would take an age. There are a lot of tools out there to find subdomains, but you can't depend on just one tool to enumerate subdomains. Top bug bounty hunters have their own tools that automate the recon…

Port 53 – DNS

DNS (Domain Name System) uses both TCP and UDP port 53 The most commonly used port for DNS is UDP 53. This port is used when a computer, mobile etc.. connect with a DNS server to resolve a particular domain name. Domain Name System uses …

Transferring Files on Linux

Simple Local Web Servers Run a basic HTTP server with Python: python -m SimpleHTTPServer 80 Run a basic HTTP server with Python3: python3 -m http.server Run a ruby webrick basic HTTP server: ruby -run -e httpd . -p 8000 Run a PHP …

How to upload a shell in Magento

After getting Magento admin credentials, you will need to upload a shell. You can do that by uploading a Magento package containing the PHP shell. You can download the package from here: https://github.com/lavalamp-/LavaMagentoBD or…

How to upload a shell in WordPress

After getting Wordpress admin credentials, you will need to upload a shell. You can do that by uploading a fake Wordpress plugin containing the PHP shell. Or you can go to the Appearance menu and then went to the Editor. On the top of the…

Spawning a TTY Shell

During penetration testing, for example, if you found a vulnerable web application and were able to get a reverse shell back to your machine. Usually, the shell that you receive is own by the user of the running service such as "www-data"…

Creating Metasploit Payloads using Msfvenom

Msfvenom is the combination of payload generation and encoding. It replaced msfpayload and msfencode on June 8th 2015. You can create multiple payloads with this module, it will help you to get a shell in almost any scenario. Note:…
SignupSubscribe to our newsletter to get the latest ethical hacking & penetration testing tutorials & resources.

Subscribe to our newsletter to get the latest ethical hacking & penetration testing tutorials & resources.