Create Your Own VPN Server
OpenVPN is a free software-based connectivity tool: SSL, VPN Virtual Private Network. OpenVPN offers point-to-point connectivity with hierarchical validation of remotely connected users and hosts.
Posts by Tag
- Anonymous 4
- Tor 3
- eCPPTv2 2
- Hello World 1
- Windows 1
- IIS 1
- privileged 1
- msfvenom 1
- eJPTv2 1
- Active Directory 1
- NBT-NS 1
- Web 1
- XSS 1
- Networking 1
- eWPT 1
- HardwareHacking 1
- OSCP 1
- Amazon AWS 1
- ARTE 1
- SkullNet 1
- CTF 1
- Google Cloud 1
- GRTE 1
Anonymous
Create Your Own Tor Relay - Networking
The Tor network depends on volunteers who donate bandwidth. The more people keep repeaters running, the Tor network will be better. Today’s Tor network is quite small compared to the number of people who need to use it, which means we need more volunteers like you to launch repeaters.
Whonix - Networking
Whonix is an operating system that utilizes top level security research and best practices to help users stay anonymous on the internet. To protect a user’s anonymity on the Internet on the technological level Whonix uses virtualization and the Whonix-Workstation combined with the Whonix-Gateway to force all connections through the Tor network.
Proxychains - Networking
Proxychains-ng is a proxy server that supports HTTP, SOCKS4 and SOCKS5 internet protocols, and that works on Linux / GNU, BSD and Mac OS X distributions. Proxychains-ng allows any TCP connection made by a given program to follow a series of proxies up your destiny. In today’s post, we are going to cover the installation, configuration and usage of proxychains in kali linux.
Tor
Create Your Own Tor Relay - Networking
The Tor network depends on volunteers who donate bandwidth. The more people keep repeaters running, the Tor network will be better. Today’s Tor network is quite small compared to the number of people who need to use it, which means we need more volunteers like you to launch repeaters.
Whonix - Networking
Whonix is an operating system that utilizes top level security research and best practices to help users stay anonymous on the internet. To protect a user’s anonymity on the Internet on the technological level Whonix uses virtualization and the Whonix-Workstation combined with the Whonix-Gateway to force all connections through the Tor network.
Proxychains - Networking
Proxychains-ng is a proxy server that supports HTTP, SOCKS4 and SOCKS5 internet protocols, and that works on Linux / GNU, BSD and Mac OS X distributions. Proxychains-ng allows any TCP connection made by a given program to follow a series of proxies up your destiny. In today’s post, we are going to cover the installation, configuration and usage of proxychains in kali linux.
eCPPTv2
eCPPTv2 All you need to know
The eCPPT designation stands for eLearnSecurity Certified Professional Penetration Tester. eCPPT is a 100% practical and highly respected Ethical Hacking and Penetration Testing Professional certification counting certified professional in all the seven continents.
Create your Pivoting networks with Vmware
VMware is a software company that provides virtualization and cloud computing software and services. Virtualization technology allows multiple operating systems to run on a single physical computer, enabling hardware resources to be shared among multiple virtual machines. This technology helps businesses to reduce costs by increasing server utilization, consolidating servers, and reducing power consumption.
Hello World
My First Post
¡Welcome to my webpage! Amazing things are about to come.
Windows
Relevant - TryHackMe
You have been assigned to a client that wants a penetration test conducted on an environment due to be released to production in seven days. The client requests that an engineer conducts an assessment of the provided virtual environment. The client has asked that minimal information be provided about the assessment, wanting the engagement conducted from the eyes of a malicious actor (black box penetration test). The client has asked that you secure two flags (no location provided) as proof of exploitation.
IIS
Relevant - TryHackMe
You have been assigned to a client that wants a penetration test conducted on an environment due to be released to production in seven days. The client requests that an engineer conducts an assessment of the provided virtual environment. The client has asked that minimal information be provided about the assessment, wanting the engagement conducted from the eyes of a malicious actor (black box penetration test). The client has asked that you secure two flags (no location provided) as proof of exploitation.
privileged
Relevant - TryHackMe
You have been assigned to a client that wants a penetration test conducted on an environment due to be released to production in seven days. The client requests that an engineer conducts an assessment of the provided virtual environment. The client has asked that minimal information be provided about the assessment, wanting the engagement conducted from the eyes of a malicious actor (black box penetration test). The client has asked that you secure two flags (no location provided) as proof of exploitation.
msfvenom
Relevant - TryHackMe
You have been assigned to a client that wants a penetration test conducted on an environment due to be released to production in seven days. The client requests that an engineer conducts an assessment of the provided virtual environment. The client has asked that minimal information be provided about the assessment, wanting the engagement conducted from the eyes of a malicious actor (black box penetration test). The client has asked that you secure two flags (no location provided) as proof of exploitation.
eJPTv2
eJPTv2 vs eJPT
The eLearnSecurity Junior Penetration Tester (eJPTv2) is a 100% practical certification on penetration testing and information security essentials. By passing the exam, a cyber security professional proves to employers they are ready for a rewarding new career.
Active Directory
NBT-NS Poisoning
Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBT-NS) are two name resolution services that Windows machines use to identify host addresses on a network when DNS resolution fails. LLMNR and NetBIOS are enabled by default on modern Windows computers.
NBT-NS
NBT-NS Poisoning
Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBT-NS) are two name resolution services that Windows machines use to identify host addresses on a network when DNS resolution fails. LLMNR and NetBIOS are enabled by default on modern Windows computers.
Web
Stealing Cookies via XSS
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.
XSS
Stealing Cookies via XSS
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.
Networking
Create your Pivoting networks with Vmware
VMware is a software company that provides virtualization and cloud computing software and services. Virtualization technology allows multiple operating systems to run on a single physical computer, enabling hardware resources to be shared among multiple virtual machines. This technology helps businesses to reduce costs by increasing server utilization, consolidating servers, and reducing power consumption.
eWPT
eWPT All you need to know
The eLearnSecurity Web Application Penetration Tester certification assesses a cyber security professional’s web application penetration testing skills. The exam is a skills-based test that requires candidates to perform a real-world web app pentesting simulation.
HardwareHacking
Flipper Zero Evil Portal
This project will turn your Wi-Fi dev board into an open access point. When users try to connect to this access point they will be served a fake login screen. User credentials are sent to the Flipper and logged on the SD card.
OSCP
OSCP All you need to know
The OSCP is a hands-on penetration testing certification, requiring holders to successfully attack and penetrate various live machines in a safe lab environment. It is considered more technical than other ethical hacking certifications, and is one of the few certifications that requires evidence of practical penetration testing skills.
Amazon AWS
HackTricks ARTE Review
Starting from the basics deepen your expertise in AWS security with a comprehensive exploration of advanced concepts, including in-depth identity and access management strategies, encryption methods, sophisticated networking defenses and learn how to spot and exploit misconfigurations in more than 20 common AWS services. Master the application of specialized red team and whitebox tactics in AWS contexts, enabling the detection and correction of complex security flaws.
ARTE
HackTricks ARTE Review
Starting from the basics deepen your expertise in AWS security with a comprehensive exploration of advanced concepts, including in-depth identity and access management strategies, encryption methods, sophisticated networking defenses and learn how to spot and exploit misconfigurations in more than 20 common AWS services. Master the application of specialized red team and whitebox tactics in AWS contexts, enabling the detection and correction of complex security flaws.
SkullNet
SkullNet Writeup
Welcome to the review of SkullNet, my first CTF available out there, you have what it takes to solve it and become a SkullOperator? Show your skills in this CTF and retrieve the secret Flag!
CTF
SkullNet Writeup
Welcome to the review of SkullNet, my first CTF available out there, you have what it takes to solve it and become a SkullOperator? Show your skills in this CTF and retrieve the secret Flag!
Google Cloud
HackTricks GRTE Review
Deepen your GCP security expertise from the basics to advanced levels, starting by exploring identity management, encryption, and networking defenses. Learn to identify and exploit misconfigurations in tens of the most used GCP services. Master specialized Red Team and Whitebox tactics tailored for GCP, enhancing your ability to detect and correct complex security flaws. Moreover, gain insights into red teaming within Google Workspace and discover effective strategies for pivoting between GCP and Google Workspace platforms.
GRTE
HackTricks GRTE Review
Deepen your GCP security expertise from the basics to advanced levels, starting by exploring identity management, encryption, and networking defenses. Learn to identify and exploit misconfigurations in tens of the most used GCP services. Master specialized Red Team and Whitebox tactics tailored for GCP, enhancing your ability to detect and correct complex security flaws. Moreover, gain insights into red teaming within Google Workspace and discover effective strategies for pivoting between GCP and Google Workspace platforms.