Sign in
Sign in
Recover your password.
A password will be e-mailed to you.
Discover IP Space
Let's say that you have a target and want to find the IP space for that target. By knowing this info you will have a good reference for how much they have out there on the internet.
The following sites will give you a good start to find…
Bug Bounty Automation: Subdomain enumeration
Discovering subdomains manually would take an age. There are a lot of tools out there to find subdomains, but you can't depend on just one tool to enumerate subdomains. Top bug bounty hunters have their own tools that automate the recon…
Port 53 – DNS
DNS (Domain Name System) uses both TCP and UDP port 53
The most commonly used port for DNS is UDP 53. This port is used when a computer, mobile etc.. connect with a DNS server to resolve a particular domain name. Domain Name System uses …
How to upload a shell in Nibbleblog 4.0.3
First, Activate My image plugin by visiting
http://localhost/nibbleblog/admin.php?controller=plugins&action=install&plugin=my_image
Second, upload your PHP shell and ignore the warnings:
Go to the following link.…
Transferring Files to Windows
It's always easy to transfer files on Linux because the systems have default tools such as netcat, wget, or curl. But windows does not have these tools.
VBScript
A good script to make a wget-clone in VB.
echo strUrl =…
Transferring Files on Linux
Simple Local Web Servers
Run a basic HTTP server with Python:
python -m SimpleHTTPServer 80
Run a basic HTTP server with Python3:
python3 -m http.server
Run a ruby webrick basic HTTP server:
ruby -run -e httpd . -p 8000
Run a PHP …
How to upload a shell in Magento
After getting Magento admin credentials, you will need to upload a shell. You can do that by uploading a Magento package containing the PHP shell.
You can download the package from here:
https://github.com/lavalamp-/LavaMagentoBD
or…
How to upload a shell in WordPress
After getting Wordpress admin credentials, you will need to upload a shell. You can do that by uploading a fake Wordpress plugin containing the PHP shell. Or you can go to the Appearance menu and then went to the Editor. On the top of the…
Spawning a TTY Shell
During penetration testing, for example, if you found a vulnerable web application and were able to get a reverse shell back to your machine. Usually, the shell that you receive is own by the user of the running service such as "www-data"…
Creating Metasploit Payloads using Msfvenom
Msfvenom is the combination of payload generation and encoding. It replaced msfpayload and msfencode on June 8th 2015. You can create multiple payloads with this module, it will help you to get a shell in almost any scenario.
Note:…