drd_'s Popular Posts
How To:
Enumerate MySQL Databases with Metasploit
How To:
Compromise a Web Server & Upload Files to Check for Privilege Escalation, Part 1
How To:
Use Wordlister to Create Custom Password Combinations for Cracking
How To:
Use Metasploit's Web Delivery Script & Command Injection to Pop a Shell
How To:
Escape Restricted Shell Environments on Linux
How To:
Enumerate NetBIOS Shares with NBTScan & Nmap Scripting Engine
How To:
Gather Information on PostgreSQL Databases with Metasploit
How To:
Bypass Antivirus Software by Obfuscating Your Payloads with Graffiti
How To:
Beat LFI Restrictions with Advanced Techniques
How To:
Discover Open Ports Using Metasploit's Built-in Port Scanner
How To:
Find Exploits & Get Root with Linux Exploit Suggester
How To:
Use MSFconsole's Generate Command to Obfuscate Payloads & Evade Antivirus Detection
SQL Injection 101:
How to Avoid Detection & Bypass Defenses
How To:
Advanced Techniques to Bypass & Defeat XSS Filters, Part 2
How To:
Use Commix to Automate Exploiting Command Injection Flaws in Web Applications
How To:
Detect Vulnerabilities in a Web Application with Uniscan
How To:
Use Banner Grabbing to Aid in Reconnaissance & See What Services Are Running on the System
How To:
Use Metasploit's WMAP Module to Scan Web Applications for Common Vulnerabilities
SQL Injection 101:
Database & SQL Basics Every Hacker Needs to Know
How To:
Generate a Clickjacking Attack with Burp Suite to Steal User Clicks
How To:
Use Linux Smart Enumeration to Discover Paths to Privesc
How To:
Bypass PowerShell Execution Policy to Pwn Windows
How To:
Hack Distributed Ruby with Metasploit & Perform Remote Code Execution
How To:
Use Websploit to Scan Websites for Hidden Directories
How To:
Use Metasploit's Timestomp to Modify File Attributes & Avoid Detection
How To:
Compromise a Web Server & Upload Files to Check for Privilege Escalation, Part 2
SQL Injection 101:
Advanced Techniques for Maximum Exploitation
How To:
Hack UnrealIRCd Using Python Socket Programming
How To:
Use One-Lin3r to Quickly Generate Reverse Shells, Privesc Commands & More
How To:
Discover Hidden Subdomains on Any Website with Subfinder
SQL Injection 101:
How to Fingerprint Databases & Perform General Reconnaissance for a More Successful Attack
How To:
Manipulate User Credentials with a CSRF Attack
How To:
Fingerprint Web Apps & Servers for Better Recon
How To:
Discover XSS Security Flaws by Fuzzing with Burp Suite, Wfuzz & XSStrike
How To:
Use Metasploit's Database to Stay Organized & Store Information While Hacking
How To:
Python 2 vs. Python 3 — Important Differences Every Hacker Should Know
How To:
Use Gtfo to Search for Abusable Binaries During Post-Exploitation
How To:
Abuse Vulnerable Sudo Versions to Get Root
How To:
Use SUDO_KILLER to Identify & Abuse Sudo Misconfigurations
Sites
- Hot
- Latest
-
How To: Use Banner Grabbing to Aid in Reconnaissance & See What Services Are Running on the System
-
How To: Discover Hidden Subdomains on Any Website with Subfinder
-
How To: Use Gtfo to Search for Abusable Binaries During Post-Exploitation
-
How To: Escape Restricted Shell Environments on Linux
-
How To: Use Linux Smart Enumeration to Discover Paths to Privesc
-
How To: Fuzz Parameters, Directories & More with Ffuf
-
How To: Bypass PowerShell Execution Policy to Pwn Windows
-
How To: Bypass File Upload Restrictions on Web Apps to Get a Shell
-
How To: Crack Password-Protected ZIP Files, PDFs & More with Zydra
-
How To: Crack SSH Private Key Passwords with John the Ripper
-
How To: Conduct a Pentest Like a Pro in 6 Phases
-
How To: Use Postenum to Gather Vital Data During Post-Exploitation
-
How To: Write Your Own Bash Script to Automate Recon
-
How To: Python 2 vs. Python 3 — Important Differences Every Hacker Should Know
-
How To: Fingerprint Web Apps & Servers for Better Recon
-
How To: Clear the Logs & History on Linux Systems to Cover Your Tracks & Remain Undetected
-
How To: Audit Web Applications & Servers with Tishna
-
How To: Get Started with Kali Linux in 2020
-
How To: Gather Information on PostgreSQL Databases with Metasploit
-
How To: Find & Exploit SUID Binaries with SUID3NUM
-
How To: Bypass File Upload Restrictions on Web Apps to Get a Shell
-
How To: Crack SSH Private Key Passwords with John the Ripper
-
How To: Crack Password-Protected ZIP Files, PDFs & More with Zydra
-
How To: Perform Local Privilege Escalation Using a Linux Kernel Exploit
-
How To: Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
-
How To: Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
How To: Bypass UAC & Escalate Privileges on Windows Using Metasploit
-
How To: Get Started with Kali Linux in 2020
-
How To: Crack Shadow Hashes After Getting Root on a Linux System
-
How To: Brute-Force FTP Credentials & Get Server Access
-
How To: Exploit Shellshock on a Web Server Using Metasploit
-
How To: Use John the Ripper in Metasploit to Quickly Crack Windows Hashes
-
How To: Use SQL Injection to Run OS Commands & Get a Shell
-
How To: Elevate a Netcat Shell to a Meterpreter Session for More Power & Control
-
How To: Clear the Logs & History on Linux Systems to Cover Your Tracks & Remain Undetected
-
How To: Perform Directory Traversal & Extract Sensitive Information
-
How To: Discover Hidden HTTP Parameters to Find Weaknesses in Web Apps
-
How To: Conduct a Pentest Like a Pro in 6 Phases
-
How To: Abuse Session Management with OWASP ZAP
-
How To: Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To: Exploit EternalBlue on Windows Server with Metasploit
-
How To: Manually Exploit EternalBlue on Windows Server Using MS17-010 Python Exploit
-
How To: Scan Websites for Interesting Directories & Files with Gobuster
-
How To: Hack Apache Tomcat via Malicious WAR File Upload
-
How To: Enumerate SMB with Enum4linux & Smbclient
-
How To: Find & Exploit SUID Binaries with SUID3NUM
-
How To: Use Command Injection to Pop a Reverse Shell on a Web Server
-
How To: Upgrade a Dumb Shell to a Fully Interactive Shell for More Flexibility
-
How To: Get Root with Metasploit's Local Exploit Suggester
-
How To: Exploit Java Remote Method Invocation to Get Root
-
How To: Exploit Remote File Inclusion to Get a Shell
-
How To: Exploit WebDAV on a Server & Get a Shell
-
How To: Find Hidden Web Directories with Dirsearch
-
How To: Advanced Techniques to Bypass & Defeat XSS Filters, Part 1
-
How To: Use LinEnum to Identify Potential Privilege Escalation Vectors
-
How To: Perform a Pass-the-Hash Attack & Get System Access on Windows
-
How To: Fuzz Parameters, Directories & More with Ffuf
-
How To: Get Root Filesystem Access via Samba Symlink Traversal
-
How To: Write Your Own Bash Script to Automate Recon
-
How To: Quickly Gather Target Information with Metasploit Post Modules