Ş̷̦̥̹̤̦͋̌̔͒̈́̉̈́͒͛̎̈́́͊̉̾̕̚e̶̜͖̻͆͒̌̇̈̀̐͆͑͌̀͝ͅc̷̨̖̱̥̤̓̈́̄̒̕͠ŗ̶̢̝̟̱͉̠̙̜͔̣̙͖͂̈͑̍̈̈́́̄̊̎̈̊͑̕͜͝͝ȩ̴̡̧̩̞̲̩͎͙̞͕̮̲̺͙̜̠̪̭͙͂̊̉̒͌̈̂̿̏̉͑ͅt̵̨̧̨̧̧̢͔̫͇͉̞̘̥̫̥̱̞̬̩̓̽͆̒̍̑̈́͑͆̍͜͠ş̶̛͇̪̝̝͕̻̪͇̭̖̘͇̼̞͉̮̏̀̾̅̏͜͜ͅ ̸̛̛̣͌̈́̋̂̅̋̈́̃̆͐́̀̐ȧ̶̧̨̜̠̟̖̼͈̰̻̞̥̞̣̀̌ͅͅr̶̡̡̡͇̝̻̞̤̘̻̩̖̞̮͚̜͓͚̩̞͐̽͝e̸̗͕̥̰̤͖̲͔̺͉̦̣̾̊̈́̿͛̀̀̂͗͑̋͌̓ ̸̛͔̣̬͉͖̟̟̠̬͍̞͈̤̓̊̀̽̓̋̒̿̂͊m̵̢̛̮̭̗̠͕̠͔̞̺̦̖̻̩͕͓̪̝̋̎͐͌̓̔̉͛̂̊͐̈́͂͌̐́̔̓̕͠é̴̢̡̢̟̲̝̙̬̱̱̳̥̠̞̤̬̯́͜͜ḁ̶̘̞͈͈̘͕̻̬̲̟̌͌̎̋̏̕͜͝͝n̸̛̙̦͎͍̰̖̗͚̼̈́̆̊̇̈́͝t̸͙͎͓̻̰̥̭̲̯̭̼͉̺̥̻͕͎̆̉̀̏̑́̉̌͗̽ ̶̹̗̅͋̄͛͑̓͗̀̽t̴̡̰͙̣͔̣͓̮̄̔͂̍͛̋̓͐͂̽͊̓̽͆̄̑ͅơ̵̧̫̐͌̓̾̈́̑̔̀̕͘͝͝ ̶̮̉͌̊̋̂̌̄̕b̷̨̛̞̫̝͈̼̫̝̬̟̱̓̔͊̆̄̓̽̌͘ë̷̢̧̻̘̻̞͎̝̣͚͚̬͎̤͇̖͙̪͔͔̓̎̀̾̈͌̄̂̑͂̔̾̉̅͝͠ ̵̛̟͚̳͇͔͉̈̀̓̓̔͂͑̈͛̀̉͊͋̈́͑̕̕̚͘r̴͕͔̗̓̿͠ę̷̢̥̳̟̱̝̤͉͎̱͚̙̫̦̗̆̓̑̒̂̋͒͂̇̒̒̐̕͝ͅv̸̡̛͉̫̙͕̣͇͓͖̺͔̦̞̖͚͒̂̈́͗͆́̃̅͗͐ȩ̸̧̧̧̦̪̙͔̱͉̪̩̜̅̀̅̑á̵̹̣̪̺̪͉͙͍̳̪̱̌͌͆͑̏͛̏͌̅̋̈́ļ̷̢̣̗̭̮͕̹̟͉̥̗͎̠̗͍̖͋̈́̅̈͆̀̾̂̆̉̎e̴̛̛̻͂̈͌̉́̌̓̾̐̂̚d̶̩̭̝͈̖͙̭͔͎̖̄̏̇̊̏̎̏̓̓̊̌̆̀̄̅̑̒̈́́

Month November 2019

Heist

User Nmap 7.80 scan initiated Sun Aug 18 09:15:37 2019 as: nmap -sS -sC -oN nmap 10.10.10.149 Nmap scan report for 10.10.10.149 Host is up (0.13s latency). Not shown: 997 filtered ports PORT    STATE SERVICE 80/tcp  open  http | http-cookie-flags: |   /: |     PHPSESSID: |      httponly… Continue Reading →

Abusing PDF to steal Windows credentials

A PDF (Portable Document Format) is an electronic document introduced by Adobe. It is fundamentally used to distribute finishing up variant of reports on the Internet, by email or on other platforms. Its fundamental reason for existing is to show… Continue Reading →

Jarvis

Jarvis is a Norman French surname (last name) linked to Saint Gervasius.Its Latin meaning is “He who is skilled with a spear.” Jarvis was a basic and fun box. I’ll begin by finding an SQLi in one of the site… Continue Reading →

Glances

Use Glances to Monitor Remote Linux in Web Server Mode Glances is a free open source, modern, cross-platform, real-time system monitoring tool. It can run in different modes: as a standalone, in client/server mode and in web server mode. Running… Continue Reading →

Some Offensive Security terminologies

Introduction **Ethical hacking**, **penetration testing**, **vulnerability assessment**, **red teaming** and many more terms flying around in the field of offensive security. often those terms are used interchangeably and that create the confusion that they mean the same thing which is… Continue Reading →

SSH Tunnel

A very popular service used by almost all system administrator for remote administration as it is secure encrypted connection. For a pentester it is more useful than it seems. Quick Basic: default ssh port : 22 Both windows and linux… Continue Reading →

Haystack

1. nmap -sV -sC -oA nmap/Haystack 10.10.10.115 Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-30 13:00 GMT Nmap scan report for 10.10.10.115Host is up (0.13s latency).Not shown: 997 filtered ports PORT STATE SERVICE VERSION22/tcp open ssh OpenSSH 7.4 (protocol 2.0)| ssh-hostkey:| 2048… Continue Reading →

Networked

NETWORKED@HTB Networked is an easy box from hackthebox. Ok let’s start. Quick Hack:User: Port Scan > 80/http > view-source or dirbuster > uploads.php &photos.php > php file upload > reverse shell > user home directory > crontab.guly,check_attack.php > create file… Continue Reading →

Matrix effect

How to get matrix effect on your terminal: Matrix is a cool effect for your terminal, it will look like the matrix. See picture 1. The original Matrix screen saver effect for Parrot Linux terminal. Cmatrix is written in ncurses… Continue Reading →

NetCat: The Swiss Army Knife

Netcat is a super useful tool for a pentester. It gives you the ability to use the raw sockets. Ncat is similar tool and that can be used on windows. Both are nearly same regarding functionality. Here I will discuss… Continue Reading →

-->