Save changes in /etc/passwd file The command “:saveas!” is very useful to save changes in a sensitive files: :saveas! /etc/passwd Install Google Chrome Steps to install Google Chrome in Linux:...
Pentesting - Command and control C2 C&C
Description A Command and Control (C2) in pentesting is a system or infrastructure that allows pentesters to remotely control and coordinate compromised devices during a penetration test. It facil...
Mobile Application Penetration Testing - Essentials
Intercepting Traffic with Burpsuite Go to phone settings, click in Wi-FIi options and configure the proxy. Give a Burp certificate error when browsing with the phone. Go to the url where th...
Pentesting - Privilege Escalation
Interesting commands Displays the user and group identity associated with the current user, providing information such as user ID (UID), group ID (GID), and supplementary group memberships: id ...
Pentesting - Pivoting
Interestings Tools for Tunneling and Port Forwarding Enable forwarding on the server side: echo 1 > /proc/sys/net/ipv4/ip_forward Autoroute Syntax: autorute -s <IP-range> proxy...
Pentesting - Persistence
Creating a user and add it on sudoers Create user adduser <user> Create password passwd <password> Add to sudoers with all privileges echo "<user> ALL=(ALL) ALL" >> ...
Pentesting - Information Gathering - Discovery Infraestructure
Information Gathering - Discovery Infraestructure reconftw Github: https://github.com/six2dez/reconftw How to install it: git clone https://github.com/six2dez/reconftw cd reconftw/ ./instal...
Pentesting - Encode & Decode
Encode / Decode CyberChef - Online tool for encode and decode: CyberChef base64 The following command base64-encodes the string ”text”: base64 encode -d <clearText> The fol...
Pentesting - Common Attacks
XSS PoC: <script>alert("hola");</script> <script>alert(document.cookie);</script> <img src="" onerror=alert(window.origin)> Basic payloads: <script...
VulnerabilityAPI: Unraveling Web Application Vulnerabilities!
Welcome to the fascinating world of VulnerabilityAPI! This impressive REST API is specifically designed to help you learn about vulnerabilities affecting modern web applications. Currently, we are ...