Spam-test. Test if your email adress / domain are on any blacklist or if anything is wrongly configured. Check for spf,dkim and other stuff. #pentesting #blueteam #cybersecurity #spam #tester

This is a simple way to test if your email security is ok. Open a web browser and access https://mail-tester.com and copy the destination email on the page. Then send a email to that address that you got from the page Then go back to the web page and press Then check your score. (wait […]

Buffer Overflow, how do I prepare for Penetration Testing Professional V5 buffer overflow part. @eLearnSecurity #bufferoverflow #infosec #hacking #pentest #pentesting #redteam #hackthebox #INVIDGruppen #INVID

I am  not a programmer from the beginning so I struggle a lot with buffer overflow part of the PTP course. I can not turn back  time 25 years and start study programming so how do a old dog learn buffer overflow? This is what I do. Watch Videos, I learn faster if someone tells […]

How to set up juice-shop @ heroku for free. Then begin hacking your own web application. @heroku @owasp #infosec #hacking #pentest #cybersecurity #webhacking

I was watching a YouTube video from https://twitter.com/thecybermentor  and wanted to spread the word to my 2 followers. This is a great way to get started with web application hacking. You will set up your own environment in seconds. After the deployment go to https://pwning.owasp-juice.shop/  and do the 95 challenges. Step1 Create a free account […]

Create file with hostnames from website with cewl, then scan the webserver for vhosts with Metasploit vhost_scanner to find hidden virtual hosts on webserver. #infosec #hacking #pentest #pentesting #redteam #hackthebox #ctf #linux4hackers

We start to collect possible hostnames from websites with Cewl cewl http://10.10.10.1 -w cewl.txt You can also use some other switches like -d = deph to look on the website for words -m = minimum wordlengh -w = outputfiel So that the final command can look like this: cewl http://10.10.10.1 -d 5 -w cewl.txt When […]

CORE-IT is a FREE virtual conference hosted by Chappell University. The online event begins March 24th at 9 am Pacific Time. #wireshark #nmap #darknet @torproject #kismet #tcp #dns @LauraChappell https://www.engagez.net/coreit1#lct=entrance

I got an email regarding a  free Virtual Conference 2020! Could be something real nice! https://www.engagez.net/coreit1#lct=entrance Agenda here: https://coreit.s3.amazonaws.com/CORE-IT_Agenda-v1f.pdf Click to access CORE-IT_Agenda-v1f.pdf Click to access CORE-IT_Agenda-v1f.pdf Click to access CORE-IT_Agenda-v1f.pdf Click to access CORE-IT_Agenda-v1f.pdf

Fishing with Raspberry Pi, Kali, Auto connect to VPN, Auto register domain with GoDaddy, Automatic SSL cert with Letsencrypt, Run Golang, Run Gophish @letsencrypt @golang @kalilinux @GoDaddy #kali #raspberrypie #linux #infosec #hacking #pentest #pentesting #redteam #gophish

This is just for demo, I used root as user, you should perhaps consider other user to do this. Installation of Kali Download Kali Image https://www.offensive-security.com/kali-linux-arm-images/ Flash the SDCARD with etcher on you Kali box or any other burning program. Put the sdcard in the PI and boot OpenVPN Autostart Download opvpn conf file from […]

How to exploit Active Directory ACL based privilege escalation path with Bloodhound and aclpwn.py. Then collect the hashes, if you are lucky to get that level of access with secretdump.py #kali #kalilinux #hacking #pentest #pentesting #redteam

This was done from Kali box. Of course the Sharphound was ran on a compromised computer. Used application Bloodhound and Sharphound ( https://github.com/BloodHoundAD/SharpHound ) aclpwn ( https://github.com/fox-it/aclpwn.py ) Steps to do it Get output with sharphound and put that on our kali box use -all when run the Sharphound. Start neo4j and bloodhound import the […]