Adding automating pentest tools for WebApi to my hacking rig. Astra and Fuzzapi. @bsdbandit @RedSiege @TimMedin @Fuzzapi0x00 #OpenSource #Security #WebServices #API #webapi

This blog will be relatively short, but I thought the webinar I listened to was so interesting that I have to write about it. Webinar from Red Siege yesterday evening (21.00 Swedish time) regarding hacking webapi. Link: https://www.redsiege.com/api/. This was presented by @bsdbandit. I was blown away, this is really cool stuff. I was the... Continue Reading →

20 January, 2021 0

Explain in my own way how to do basic Buffer Overflow. With help from @RealTryHackMe #BufferOverlow #Hacking #INFOSEC #LINUX4HACKERS #pentest #pentesting #redteam

First this is not advanced BufferOverflow, more for me to write down and document what I did at tryhackme to get BufferOverflow Prep working. We start of what you need. Windows 7 box with ImmunityDebugger and mona installed. Access to the application ocsp.exe. You can do this online with tryhackme or download the application your... Continue Reading →

19 January, 2021 0

Why would you use masks with hashcat when you crack hashes in brute force mode. @hashcat #LINUX4HACKERS #HASHCAT #LINUX #INFOSEC #HACKING #PENTEST #PENTESTING #REDTEAM #NVIDA #TESLAM60 #NTLM #BRUTEFORCE

In this post I will try to explain why it is important to use masks when you crack password from hashes with hashcat. The machine that I run hashcat on has 2 Tesla M60 card and running Linux. Why do I not use longer password in this test, I do not want to wait 7... Continue Reading →

13 January, 2021 0

How to export/crack SAM database with internal Windows tools if you do not have access to mimikatz / hashdump / metasploit. As a bonus we also look at cached domain hashes. #LINUX4HACKERS #HASHCAT #LINUX #INFOSEC #HACKING #PENTEST #PENTESTING #REDTEAM #NVIDA #TESLAM60

Hi! I wanted to dump hashes on a Windows 10 box without any external tools. This is how I did it. We start at first with the short version Export SAM with reg.exeConvert SAM with impacket-secretsdump to get to the hashesUse hashcat to crack the hashes We start first with exporting the sam database with... Continue Reading →

11 January, 2021 0

Migrate from VirtualBox to QEMU/KVM on Ubuntu 20.10 as host. And get the VMs up and running. #qemu #kvm #libvirt #virtualbox #linux #virtualbox @ubuntu

Hi! I am have been running VirtualBox for my VMs on a Linux host for some time now. But when kernel 5.10 was installed there was some issue with compiling the drivers for VirtualBox. I think there is a workaround out there, but I needed to fix this asap. So I decided to migrate to... Continue Reading →

8 January, 2021 0

Blog at WordPress.com.

Up ↑