drd_'s Popular Posts
How To:
Enumerate MySQL Databases with Metasploit
How To:
Compromise a Web Server & Upload Files to Check for Privilege Escalation, Part 1
How To:
Use Wordlister to Create Custom Password Combinations for Cracking
How To:
Use Metasploit's Web Delivery Script & Command Injection to Pop a Shell
How To:
Escape Restricted Shell Environments on Linux
How To:
Enumerate NetBIOS Shares with NBTScan & Nmap Scripting Engine
How To:
Gather Information on PostgreSQL Databases with Metasploit
How To:
Bypass Antivirus Software by Obfuscating Your Payloads with Graffiti
How To:
Beat LFI Restrictions with Advanced Techniques
How To:
Discover Open Ports Using Metasploit's Built-in Port Scanner
How To:
Find Exploits & Get Root with Linux Exploit Suggester
How To:
Use MSFconsole's Generate Command to Obfuscate Payloads & Evade Antivirus Detection
SQL Injection 101:
How to Avoid Detection & Bypass Defenses
How To:
Advanced Techniques to Bypass & Defeat XSS Filters, Part 2
How To:
Use Commix to Automate Exploiting Command Injection Flaws in Web Applications
How To:
Detect Vulnerabilities in a Web Application with Uniscan
How To:
Use Banner Grabbing to Aid in Reconnaissance & See What Services Are Running on the System
How To:
Use Metasploit's WMAP Module to Scan Web Applications for Common Vulnerabilities
SQL Injection 101:
Database & SQL Basics Every Hacker Needs to Know
How To:
Generate a Clickjacking Attack with Burp Suite to Steal User Clicks
How To:
Use Linux Smart Enumeration to Discover Paths to Privesc
How To:
Bypass PowerShell Execution Policy to Pwn Windows
How To:
Hack Distributed Ruby with Metasploit & Perform Remote Code Execution
How To:
Use Websploit to Scan Websites for Hidden Directories
How To:
Use Metasploit's Timestomp to Modify File Attributes & Avoid Detection
How To:
Compromise a Web Server & Upload Files to Check for Privilege Escalation, Part 2
SQL Injection 101:
Advanced Techniques for Maximum Exploitation
How To:
Hack UnrealIRCd Using Python Socket Programming
How To:
Use One-Lin3r to Quickly Generate Reverse Shells, Privesc Commands & More
How To:
Discover Hidden Subdomains on Any Website with Subfinder
SQL Injection 101:
How to Fingerprint Databases & Perform General Reconnaissance for a More Successful Attack
How To:
Manipulate User Credentials with a CSRF Attack
How To:
Fingerprint Web Apps & Servers for Better Recon
How To:
Discover XSS Security Flaws by Fuzzing with Burp Suite, Wfuzz & XSStrike
How To:
Use Metasploit's Database to Stay Organized & Store Information While Hacking
How To:
Python 2 vs. Python 3 — Important Differences Every Hacker Should Know
How To:
Use Gtfo to Search for Abusable Binaries During Post-Exploitation
How To:
Abuse Vulnerable Sudo Versions to Get Root
How To:
Use SUDO_KILLER to Identify & Abuse Sudo Misconfigurations
Sites
- Hot
- Latest
-
How To:
Use Banner Grabbing to Aid in Reconnaissance & See What Services Are Running on the System
-
How To:
Discover Hidden Subdomains on Any Website with Subfinder
-
How To:
Use Gtfo to Search for Abusable Binaries During Post-Exploitation
-
How To:
Escape Restricted Shell Environments on Linux
-
How To:
Use Linux Smart Enumeration to Discover Paths to Privesc
-
How To:
Fuzz Parameters, Directories & More with Ffuf
-
How To:
Bypass PowerShell Execution Policy to Pwn Windows
-
How To:
Bypass File Upload Restrictions on Web Apps to Get a Shell
-
How To:
Crack Password-Protected ZIP Files, PDFs & More with Zydra
-
How To:
Crack SSH Private Key Passwords with John the Ripper
-
How To:
Conduct a Pentest Like a Pro in 6 Phases
-
How To:
Use Postenum to Gather Vital Data During Post-Exploitation
-
How To:
Write Your Own Bash Script to Automate Recon
-
How To:
Python 2 vs. Python 3 — Important Differences Every Hacker Should Know
-
How To:
Fingerprint Web Apps & Servers for Better Recon
-
How To:
Clear the Logs & History on Linux Systems to Cover Your Tracks & Remain Undetected
-
How To:
Audit Web Applications & Servers with Tishna
-
How To:
Get Started with Kali Linux in 2020
-
How To:
Gather Information on PostgreSQL Databases with Metasploit
-
How To:
Find & Exploit SUID Binaries with SUID3NUM
-
How To:
Bypass File Upload Restrictions on Web Apps to Get a Shell
-
How To:
Crack SSH Private Key Passwords with John the Ripper
-
How To:
Crack Password-Protected ZIP Files, PDFs & More with Zydra
-
How To:
Perform Local Privilege Escalation Using a Linux Kernel Exploit
-
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
-
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
How To:
Bypass UAC & Escalate Privileges on Windows Using Metasploit
-
How To:
Get Started with Kali Linux in 2020
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
How To:
Brute-Force FTP Credentials & Get Server Access
-
How To:
Exploit Shellshock on a Web Server Using Metasploit
-
How To:
Use John the Ripper in Metasploit to Quickly Crack Windows Hashes
-
How To:
Use SQL Injection to Run OS Commands & Get a Shell
-
How To:
Elevate a Netcat Shell to a Meterpreter Session for More Power & Control
-
How To:
Clear the Logs & History on Linux Systems to Cover Your Tracks & Remain Undetected
-
How To:
Perform Directory Traversal & Extract Sensitive Information
-
How To:
Discover Hidden HTTP Parameters to Find Weaknesses in Web Apps
-
How To:
Conduct a Pentest Like a Pro in 6 Phases
-
How To:
Abuse Session Management with OWASP ZAP
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Exploit EternalBlue on Windows Server with Metasploit
-
How To:
Manually Exploit EternalBlue on Windows Server Using MS17-010 Python Exploit
-
How To:
Scan Websites for Interesting Directories & Files with Gobuster
-
How To:
Hack Apache Tomcat via Malicious WAR File Upload
-
How To:
Enumerate SMB with Enum4linux & Smbclient
-
How To:
Find & Exploit SUID Binaries with SUID3NUM
-
How To:
Use Command Injection to Pop a Reverse Shell on a Web Server
-
How To:
Upgrade a Dumb Shell to a Fully Interactive Shell for More Flexibility
-
How To:
Get Root with Metasploit's Local Exploit Suggester
-
How To:
Exploit Java Remote Method Invocation to Get Root
-
How To:
Exploit Remote File Inclusion to Get a Shell
-
How To:
Exploit WebDAV on a Server & Get a Shell
-
How To:
Find Hidden Web Directories with Dirsearch
-
How To:
Advanced Techniques to Bypass & Defeat XSS Filters, Part 1
-
How To:
Use LinEnum to Identify Potential Privilege Escalation Vectors
-
How To:
Perform a Pass-the-Hash Attack & Get System Access on Windows
-
How To:
Fuzz Parameters, Directories & More with Ffuf
-
How To:
Get Root Filesystem Access via Samba Symlink Traversal
-
How To:
Write Your Own Bash Script to Automate Recon
-
How To:
Quickly Gather Target Information with Metasploit Post Modules
