Tcpdump is a command-line tool for capturing and analyzing network packets in Linux. Basically its a packet sniffer that also breaks them down into easy to read format for human beings. It can be a powerful tool for troubleshooting network connectivity issues by analyzing the network traffic on a system. Tcpdump works by listening for… Read More »
VPN Service Surfshark is a popular vpn service provider that works natively on windows, macos and linux with a gui client app, and also has browser extensions for chrome and firefox. In this article we take a look at how the browser extensions of Surfshark vpn (and similar vpn providers) work under the hood. With… Read More »
OpenVPN OpenVPN is open source, secure and robust. It is readily available for most platforms and can be setup quickly. The SurfShark native client also uses OpenVPN underneath. It supports both tcp and udp based wrappers for vpn traffic over internet. UDP is significantly faster than tcp and works really well. There are multiple ways… Read More »
DNS Leak DNS Leak is commonly seen in vpn connections, when all the http traffic goes through the vpn tunnel, however the dns queries go directly to system/isp dns servers bypassing the vpn tunnel, which breaks the privacy protection offered by the vpn. Unless dns leaks are fixed, you are not fully privacy guarded in… Read More »
Kali linux is a security oriented linux distribution aimed at digital forensics and penetration testing users. It is the successor of backtrack linux.
Kali linux Kali Linux comes with a hacked version of the gnome 3 desktop. It has been made to look like gnome 2 but lacks many features of the old version. If you want other desktops then can install kde, xfce or lxde from the repository. However if you want to get the good old… Read More »
Wireshark Wireshark, the most powerful packet sniffer and protocol analyser can be used to sniff data out of the captured packets for various protocols. Network communication takes place in packets and any request like http get/post is broken down into multiple packets and then transmitted to the remote webserver. Wireshark has the ability to reconstruct… Read More »
Adsl Routers Adsl routers are very common now a days as the primary hardware device used to connect to broadband connections. The modems connect to the broadband service using the username/password. Then the pcs connect to this router to form a local area network. The pcs use the router as the primary gateway to connect… Read More »
This simple tutorial shows you how to use john the ripper to carry out dictionary based brute force attacks and crack passwords.
Burp Suite Burp Suite is a security analysis tool that can be used to simulate web requests to test a web application or system for vulnerabilities. It has many components like Burp Intruder, Scanner, Repeater etc. Burp Intruder can do various kinds of fuzzing attacks with provided payloads. It is used when you need to… Read More »
Brute force password cracking Hydra is a popular password cracking tool that can be used to brute force many services to find out the login password from a given wordlist. It is included in kali linux and is in the top 10 list. On ubuntu it can be installed from the synaptic package manager. For… Read More »
When you start Kali, the grub boot menu comes up which waits for around 5 seconds before booting. Now if there are other oses alongside kali then the grub menu is useful. However if kali is the only os on the system, or for example kali is running inside virtualbox then it is of little… Read More »
Kali linux uses the root user, since root privileges are needed to run various security tools like nmap and wireshark etc. However its uneasy to type the root/toor combination everytime Kali boots. So to make things simple just make the user root login automatically at system start. And here are the simple steps to do… Read More »
Apache and mysql are installed by default in Kali Linux. They can be accessed through the Kali Linux menu in Applications. To start apache web server click the menu entry at “Applications > Kali Linux > System Services > HTTP > apache2 start”. Similary to start mysql click MySQL > mysql start. However starting services… Read More »
Quick tutorial on how to install the angry ip scanner on kali linux. angry ip scanner is a fast ping and port scanner.
Quick tutorial on how to run metasploit exploit framework and armitage on Kali linux.
Hack windows xp with MS08-067 exploit Using metasploit its possible to hack windows xp machines just by using the ip address of the victim machine. It does not involve installing any backdoor or trojan server on the victim machine. Metasploit does this by exploiting a vulnerability in windows samba service called ms08-67. This exploit works… Read More »
Kali linux is the next version of backtrack in a completely new form. Tor is not installed by default in kali linux. However can be installed easily right from its own repositories. root@kali:~# apt-get install tor vidalia Run the above command and tor along with vidalia should be installed. Start the tor service with the… Read More »
Uniscan is a web application security scanner for remote file inclusion, local file inclusion and remote command execution vulnerabilities.
When trying to exploit some website using sqlmap, its a good idea to be anonymous. Sqlmap has excellent support for using common proxies or tor. First start tor and ensure that it is running the socks5 daemon on port 9050. Then use the socks5 proxy with sqlmap as follows # ./sqlmap.py –tor –tor-type=SOCKS5 -u "http://www.hackable.org/view_section.php?id=10"… Read More »