Apache 2.4.7 Exploit

If you came here looking for an Apache 2.4.7 exploit, you have come to the right place. You will witness a full dedicated article to an Apache 2.4.7 vulnerability identified by CVE-2014-0226. You can find more information about this CVE here. Introduction Let us introduce ourselves to the Apache 2.4.7 itself before introducing ourselves

By |2020-04-21T05:44:52+00:00April 18th, 2020|Categories: Tutorials|Tags: , |0 Comments

FTPDMIN Denial of Service Exploit

Welcome. In this article, we will rediscover a Denial of Service vulnerability (CVE-2020-10813) in FTPDMIN and go through the process of how this vulnerability was discovered. The techniques you will learn can be applied for bug hunting on other services as well, so make sure to pay attention to what's being done. In this article

By |2020-04-17T00:19:32+00:00April 17th, 2020|Categories: News, Tutorials|Tags: , |0 Comments

Scanning for vulnerabilities with Arachni

Arachni is a great free and open-source Web Vulnerability Scanner that can be easily installed to Kali Linux. It has an overload of features and it performs extensive scans on supplied websites. Taking this into account, Arachni is a truly underrated tool in the WVS market. In this article, we will introduce you to

By |2020-04-17T12:26:27+00:00April 10th, 2020|Categories: Tutorials|Tags: |1 Comment

Scanning WordPress websites for vulnerabilities

Scanning for vulnerabilities in websites with our common WVS (Web Vulnerability Scanners) sometimes is not the most efficient solution. Often, when we do a penetration test against a website, it's running one or another Content Management System. The only efficient way to scan a website running a certain CMS is by using a scanner made

By |2020-04-09T23:56:52+00:00April 9th, 2020|Categories: Tutorials|Tags: |0 Comments

Privilege escalation with PowerShell Empire

So in one way or another, you've got your shell on the victim machine. Well done. After doing a quick 'sysinfo' you notice that you're not the administrator user, hence the modules you can use are limited to basic operations. To get access to the sensitive data and operations, you must escalate your privileges

By |2020-04-09T12:35:48+00:00April 9th, 2020|Categories: Tutorials|Tags: |0 Comments

Fileless malware with PowerShell Empire

Even though the fileless malware scene isn't new, it has got its desired attention just recently. With antivirus solutions adapting artificial intelligence and techniques like dynamic analysis, it became harder and harder for malware developers to maintain undetected payloads. Eventually, any sort of malicious file gets detected. But, what if the malicious payload has

By |2020-04-09T12:51:02+00:00April 7th, 2020|Categories: Malware, Tutorials|Tags: , |2 Comments