Home
B00ckf0rH4ck
Cancel

Kalilinux Docker Lab

Kalilinux Docker Lab: Power Up Your Security Testing with an Always Up-to-Date Image! Welcome to a new era of security testing! If you’re a cybersecurity enthusiast, you’ll be thrilled to learn ...

Pentesting - Active Directory (AD)

Interesting Tools Internal AD Username Enumeration Kerbrute Installation: sudo git clone https://github.com/ropnop/kerbrute.git sudo make all Including it in the environment variable: s...

Mobile Application Penetration Testing - iOS

Basic info It is more challenging to install applications that are not from the official app store (App Store). You would typically need Xcode or jailbreak the device, or use similar methods. In a...

Mobile Application Penetration Testing - Android

Basic Info Android is based on Linux -> Linux commands works. Manifest.xml -> it is a file that contains info about the version of the API used, the architecture (32 or 64) and mor...

OSINT

Find Leaked Information BreachDirectory Search by email, username, or email address to find leaked passwords, as well as their corresponding hashes. breachDirectory Hunter Search by do...

Steganography

Metadata Metadata refers to the data that provides information about other data. In the context of pentesting, metadata often includes details about files, such as creation date, author, software ...

Pentesting - Transfer Files

It is crucial to know different methods for transferring files between different devices, whether they have the same or different operating systems. Winrm: Tool Evil-winrm WinRM (Windows Remo...

Pentesting - Shell

Create Custom Reverse Shell with online Tool Interesting website for generating custom reverse shell https://www.revshells.com/ Create Custom Reverse Shell with msfvenom Syntax: msfven...

Pentesting - Pentesting Web

Incorrect DNS Resolution The domain and IP need to be added in the /etc/hosts file: sudo nano /etc/hosts CMS Scanner Tool - cmsmap Command syntax: python cmsmap.py https://<IP> U...

Reversing

Detect type of file Command to know what type of file it is: file <nameFile> Debugging Command for debugging ELF files: ltrace <file> Example: ltrace -s 100 ./<fileELF> ...

Pentesting - Brute Force

Default Credentials Some wordlists that contain default passwords for different services: SecLists Rockyou https://github.com/ihebski/DefaultCreds-cheat-sheet/blob...

Pentesting Wireless

Check Available Interfaces Wi-Fi Check the name of the available Wi-Fi interfaces by running: ip link show or iwconfig Monitor Mode Monitor mode in Wi-Fi pentesting is a special configu...

Pentesting - Essentials

Information about the Network There are commands that are used to display the network configuration information of a computer. This commands provide details such as the IP address, subnet mask, de...

Pentesting - Cracking Passwords, Protected Files and Hash

Cracking Protected Files with Password 2john is a tool that is part of the password cracking utilities provided by the John the Ripper project (also known as John). John the Ripper is a popular an...

Pentesting - Attacking Network Services

Email Services Discovery of common ports used for email services: sudo nmap -Pn -sV -sC -p25,143,110,465,993,995 10.129.14.128 Interact with POP3 and IMAP Example with cURL: curl -k 'imap...

Welcome to our cybersecurity blog

Thank you for visiting our cybersecurity blog! We are Ioritz and Elisa, two computer engineers with a master’s degree in cybersecurity and various specializations in the field, along with work e...

FindTrack: An OSINT Automation Tool with Graphical Interface

FindTrack is a Linux tool designed to automate OSINT (Open-Source Intelligence) with a graphical interface. I (Elisa Alises Núñez) created it as part of my Master’s thesis in Cybersecurity. The ...

HackRF One: Analysis and Solution of Replay/Relay Attacks using Radiofrequency

Introduction: In this article, you will delve into the fascinating world of vehicular cybersecurity. We will explore an in-depth investigation of Replay and Relay attacks, which affect vehicles and...

HackSystemKiller: An Automated Pentesting Tool

HackSystemKiller is a tool that I designed and developed for my Bachelor’s thesis in Computer Engineering (Elisa Alises Núñez). Its main objective is to automate Pentesting tasks from the initial p...

Wireless Network Pentesting: Discovering Vulnerabilities and Tools

Introduction In the field of cybersecurity, ensuring the protection of wireless networks, which have become a fundamental part of our daily lives, is essential. In this article, we will explore a ...