Hacking&Pen Test

A Powerful Enterprise Security Detection Penetration Tool – Goby

A Powerful Enterprise Security Detection Penetration Tool – Goby

Goby is a new network security testing tool developed by Chinese Zhao Wu Zwell (author of Pangolin, JSky, FOFA) Support dual languages, Chinese and English. . . It is stated that this tool is suitable for internal security penetration testing and detection of the enterprise, and aims to improve the internal security of the enterprise. The introduction …

A Powerful Enterprise Security Detection Penetration Tool – Goby Read More »

https://cybersguards.com/wp-content/uploads/2019/01/Web-App-Pen-Testing-768x572.jpg

Intranet penetration – permission maintenance (get windows, linux passwords, install backdoor)

Introduced When an attacker acquires server permissions, he or she usually uses some backdoor technology to maintain the permissions he currently gets, and once the server is implanted in the back door, it is much easier for the attacker to enter the next time Objective Since the attack may be discovered, it may be previously obtained to …

Intranet penetration – permission maintenance (get windows, linux passwords, install backdoor) Read More »

The use of BurpSuite tools for safety testing and learning

The use of BurpSuite tools for safety testing and learning

BurpSuite Introduction:BurpSuite is an integrated penetration testing tool with many penetration testing components. It can implement interception requests, packet capture, etc. but is more powerful than fiddler and postman. Burp Suite is a software that does not need to be installed. After the download is complete, you can enable it directly from the command line. However, Burp Suite …

The use of BurpSuite tools for safety testing and learning Read More »

Pen Test Tools

Pen Test Tools

Burp Suite Knockpy HostileSubBruteforcer sqlmap Nmap Eyewitness Shodan What CMS Nikto Recon-ng idb Wireshark Bucket Finder Google Dorks IPV4info.com JD GUI Mobile Security Framework Firefox Plugins: FoxyProxy UserAgentSwitcher Firebug Hackbar Websecurify CookieManager+ XSS Me Offsec Exploit-db Search Wappalyzer

One Method to Crack Websites Prohibiting Copy and Paste

One Method to Crack Websites Prohibiting Copy and Paste

First of all, we need to know that the function of prohibiting copy and paste on a website is generally implemented by JS. It is usually implemented by the following statement: var bodyMain = document.getElementById (‘bodyMain’); // prohibiting copy and paste setting is FALSE bodyMain.oncopy = function(){ return false; } // prohibiting copy and paste setting …

One Method to Crack Websites Prohibiting Copy and Paste Read More »

Several Methods to Run Mimikatz

Mimikatz is an artifact that can obtain memory from the Windows Authentication (LSASS) process, and obtain plaintext passwords and NTLM hashes. Mimikatz is commonly used in intranet penetration to obtain plaintext passwords or hash values ​​to roam the intranet. However, in actual application, we often encounter the interception of killing soft, so here I refer to the information on …

Several Methods to Run Mimikatz Read More »