Kali tools: Nmap

Terminal with the nmap output

The Nmap network mapper is an industry-standard network scanner that is over 20 years old. The Nmap is featured in numerous movies as the “hacking tool”. These movies include The Matrix, Die Hard 4, and The Girl With the Dragon Tattoo. Full list of the Nmap’s appearances you can find at the Nmap homepage (https://nmap.org/movies/). …

Google does not want you to encrypt your drives

I have been running small Google’s Adwords campaign to lure innocent visitors to my blog. My Ad’s were disabled for some time since I couldn’t afford to pay for them. Recently (couple days ago) I re-enabled the ads in hopes of increasing visitor count. I managed to get couple hundred clicks and I was happy …

Exploits Tutorial: The Memory Concepts

In order to compromise a computer system, you need to first find a vulnerability in it’s defenses and successfully exploit the vulnerability. (Un-)Fortunately modern computer systems employs multiple different defenses in order to stop you. In this series we learn of couple different types exploits and how we can exploit them. Computer Science 101 When …

How to make Kali Linux Iptables Firewall Persistent

By default, Kali Linux doesn’t use a firewall in its network interfaces. Although Kali is silent on the network on its default setting, nothing is stopping you from starting up services. And some of the most popular tools are starting up network services (and using default username/password combination)! So just to play on the safe …

How to Hijack Windows 10 Session?

Description Purpose: To hijack a local windows session (any user) Requirements: Local administrator rights Tools: PsExec Even with administrator rights, you can not impersonate (or hijack) a another user. With this attack you gain full control over a locally logged user account. Instructions Download SysInternal’s PsExec tool from here. Extract it to a folder of …

Your Face Is Not Your Password

In recent years there have been an influx of different biometric authentication methods. The latest horse in the race is the Apple’s iPhone X Face ID.  Although face recognition is not anything new, it surely adds it’s own twist in to the game. Apple promises that it’s algorithms can not be beaten by photographs or …

The Anatomy of a Good Password

The recipe for a good password is not an easy one. It needs to be at the same time easy for the user to remember and hard for the computer to guess. Unfortunately past (and too often current) rules for the password complexity have been exactly the opposite. First rule of password: Length Complex strings …

How to Setup Anonymous Website in Tor Network

Setting up an anonymous website or hidden service/server in Tor network is actually easier than setting up a normal web server as Tor router will nicely breach through your firewall and NAT. The regular server requires domain and hostname (DNS), public IP address and firewall rules besides the web server software (Apache, Nginx, IIS). Hidden …

How to Encrypt GnuPG / GPG / PGP Message With Gnu Privacy Assistant

How to encrypt text with GPA In order to encrypt text, you need to first copy and paste the unencrypted text to GPA’s Clipboard. Then select Encrypt from File menu or from icon ribbon. In the dialog, select public keys which can decrypt the encrypted text. You can select multiple keys although every select key …