  1. Karit

    Force http when site require https

    How does the site require HTTPS? If the site enforces HTTPS through HSTS and the user has visited the site before, or they have HSTS Preload, the browser just won't connect to HTTP for the site.
  2. Karit

    setting up a hack lab

    My first thought is: what exactly do you want to run on the xenserver to make a hack lab? For beginning, the single VMs/ISOs from https://pentesterlab.com/ are really good. They run fine on your desktop and you just need one at a time, so no need for a full server. I personally would start there. Save the money for now. Sure, if you want to get into more, set up a xenserver so you can start making a full network to pivot through etc. Though maybe by that stage it is best to see if you can get a job with a Pen Test firm, as then your clients set up and manage the network for you :p You just need to identify the issues.
  3. Karit

    Getting credentials from an app

    Yes, last time I looked those apps cert pin. Also you will find a lot of apps which use OAuth, so they don't store or transmit user/pass pairs. Though you can still use the OAuth token. Though the token is often limited in the functions it can do.
  4. Karit

    Introducing the WiFi Pineapple NANO

    With HSTS, not really sure how you are going to get around it. If it is in the Preload list or the user has visited the site before, the browser will refuse to connect to anything but HTTPS. Then you have to hope the user will just click yes on the cert warning dialog.
  5. Kali provides simple builds for Chromebooks: https://www.offensive-security.com/kali-linux-vmware-arm-image-download/ Some Chromebooks are ARM, so x86 won't run.