Skip to main content

Posts

Storm-Breaker, enables the utilization of social engineering techniques to access webcams, microphones, and location finders

  Phishing represents a cyber attack method in which attackers aim to deceive individuals into revealing their personal information, such as login credentials or credit card numbers, by posing as a reputable entity, such as a bank or a social media platform. This fraudulent activity typically occurs through emails, text messages, or social media posts that contain a link to a counterfeit website or request personal information. Phishing attacks can be highly sophisticated and challenging to detect, often resulting in serious consequences like financial loss, identity theft, or unauthorized access to sensitive data. It is crucial to be vigilant about the signs of a phishing attack and take measures to protect both yourself and your personal information. Storm-Breaker  a command-line tool written in python, has garnered a strong following within the social engineering community. Its primary purpose is to provide access to webcams , microphones , and location finders . Setting up Storm-
Recent posts

Blind OS command injection -Portswigger (LAB-2) | INFOCODX

  Hey there, how are you all? I hope everything is going smoothly and everyone is doing fine.  Today, we're diving into the exciting world of OS Command Injection labs from portswigger . Get ready for some hands-on action!  So what is blind OS command injection? I've already covered OS command injection in my previous blog post. Blind OS command injection works similarly, but instead of receiving output back to the web app, we don't get any output. So, how can we determine if there is a blind OS command injection? One technique is to use time delay. By using an OS command that takes some time to execute, we can test for it. LAB 2 : Blind OS command injection When we access this lab, a web application will be presented to us. As shown below, there is a feedback form available for submission. Firstly, let's go ahead and explore that particular feature, utilizing it to conduct a thorough analysis. It's worth noting that there is a dedicated functionality allowing users

OS Command Injection -Portswigger (LAB-1) | INFOCODX

Hey there, how are you all? I hope everything is going smoothly and everyone is doing fine.  Today, we're diving into the exciting world of OS Command Injection labs from portswigger . Get ready for some hands-on action!    So, the first thing we need to know is what OS command injection actually means. A command injection allows attackers to run any commands they want by exploiting data handling vulnerabilities. This can lead to various attacks like injecting JavaScript or HTML code. OS Command Injection is a specific attack that enables the execution of commands on the target operating system or server. Alright, let's begin, shall we? LAB 1 : OS command injection This lab contains an  OS command injection  vulnerability in the product stock checker. The application executes a shell command containing user-supplied product and store IDs, and returns the raw output from the command in its response. To solve the lab, execute the  whoami  command to determine the name of the curr

Top 5 Kali Linux Tools For Hacking

  The IT world is under constant threat from cybercrime, necessitating the adoption of various measures to combat it. Ethical hackers, also known as "white hackers," leverage a multitude of network security tools to evaluate networks and data systems, pinpointing any possible vulnerabilities that may be exploited by hackers. What Is Kali Linux?  An open-source distribution that is designed for cybersecurity professionals, ethical hackers, and penetration testers, Kali Linux is based on Debian and offers over 600 tools for security auditing and penetration testing. Offensive Security is the active developer of Kali Linux, which is widely used by Infosec companies and ethical hackers. Kali Linux  was designed to be used by professionals, web admins, and anyone who knows how to run Kali Linux; it was not designed for general use. Kali Linux has numerous security-hacker applications pre-installed for exploitation tools, forensic tools, hardware hacking, information gathering, pas

Discover the latest features and enhancements in Angular 17

  Introduction On November 8, 2023, Angular version 17 was unveiled, signifying a remarkable evolution for the framework that originated in September 2016. This release breathes new life into the application, presenting a fresh outlook and renewed potential. It is important to clarify that rebirths do not imply a complete overhaul of the framework, but rather the incorporation of major functionalities that enhance its power using the latest browser features. A new Branding The Angular logo was absent from social media sites like X for a few days, and instead, a question mark was displayed. However, on November 6, the Angular team introduced a new logo and a brand new documentation website that can be found here. This brand-new site (still under construction in terms of APIs) brings many improvements, such as: the ability to experiment with features in a sandbox new tutorials with the option of creating them in a sandbox a brand-new organization by theme (component, form, accessibility,

Linux Fundamentals Part 3 | TryHackMe: Walkthrough | INFOCODX

  Discover a simplified and beginner-friendly documentation of the Linux Fundamentals Part 3 Room on TryHackMe, which includes a detailed step-by-step guide and answer key. Room URL:  Linux Fundamentals Part 3 Task 1 (Introduction) Ready to begin? This area will guide you through flags, arguments, advanced filesystem information, and permissions! Nothing more to do here but proceed to part 2! Task 2 (Accessing Your Linux Machine Using SSH) To proceed to task 3, it is crucial that you closely follow TryHackMe 's guide, as this task is highly specific to their platform. TASK 3-: Terminal Text Editors Create a file using Nano by using the command “ nano new_file_name ”. # Create a file using Nano Answer:   No answer needed # Edit “task3” located in “tryhackme”’s home directory using Nano. What is the flag? Answer:   THM{TEXT_EDITORS} Task 4 :  General/Useful Utilities      Type in the following command to start a python webserver on the default port         command :  python3 -m http.