Jump to content

Search the Community

Showing results for tags 'pentest'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

Found 22 results

  1. hello everybady,i am new in this forum.right now i work as penetration tester for a little compay who protects from mobile hacking.In this project I am searching for an opensource app or a leaked app that has the ability to do full jailbreak to an iPhone and get full Remote access like: uploads and downloads data from the phone,use the camera and video, record voice,gets user location,web history,list of contacts and so on.i also tried many commrical apps like:mSpy,MobileStealth and so on but they were useless.i thoungt to myself that for the start i can lure the user using spearphising or wif
  2. I am looking to do some pen testing qualifications in the near future. I am really interested in buying some of the tool kits offered on the HAK5 Shop but just wanted to know if there are any laws for Japan that would not allow tools like this?
  3. I have JWT token and I want to modify the key id field. Kid field can be used for local files. I had verfied that /etc/passwd can be used but I don't know the content. So I want to know some files that I can predict the content. The target website have 127.0.0.1/__sinatra__/404.png which I can download that png file. But I don't know the absolute path for that file. Does anyone know the solution of my problem.? Please help me.
  4. Im looking for some ideas on how to work on and practice using kali linux for the purpose of pen-testing and using all the various functions kali comes with. Things to bare in mind: I am fairly new to this, I have more then one computer, Im looking to aggressively expand my knowledge in this area, and of course i wanna be able to do this w/o breaking or damaging anything. Thoughts and suggestions, please and thank you!
  5. Hey everyone, just wanted to show you a recently created service for automated web application and network security scan. If some of you are hosting you'r own web applications perhaps you could test it. If you actually do, please check if there is some vulnerability Metascan could not find. Features: 1. Scans all 65535 ports on target hosts. The scan might take a while but it makes sure that all running services are found. 2. All the services running on host are checked for available vulnerabilities using CVEdetails DB. 3. All input forms and HTTP parameters are
  6. Original link is here (with more pertinent details that I won't post in this thread): https://github.com/corna/me_cleaner/issues/51 My name is Carlos Royal and I've witnessed several zero day exploits used against my computer. As a result of this, I've been the target of government corruption AND an extended gaslighting campaign that's designed to undermine the fact that the government got caught red handed breaking into my pc (when I was using an end-of-life system that had no management engine) by means of both attempting to erode my sanity/make me question my memory and attempting to p
  7. The Pineapple has many features that make it a multi-layer tool in the steps of pentesting. It can do everything from passive sniffing to dns spoofing. Where should this fit into my workflow? And where has it fit into yours? Thank You! -Michael
  8. Hi, im new to this forum and i have a question related to wireless penetration testing. I have a Alfa AWUS036NH Card and amped it to 33dBm and a Yagi-uno antenna with 25dBi of gain.. If i'm correct the EIRP calculation should result in 58 Watts / EIRP. So my question is how far would i get with this setup and another thing i live in a place where surrounded with a lot of houses does that mean that the walls, roofs etc block the signal and decrease the signal so i get less further than when (i.e on top of a building.)
  9. Hello guys, I have been working on VulnHub/Root-me.org/Hackthebox.eu watching the hak5 show a lot on youtube lately one of the common things i have noticed on all the platforms is that people looking for a starting point to get into the security field to help everyone whose new to this field, you need a strong will a lot of persistence and above all "Try Harder" attitude to help the community further I made a blog where I will be posting CTF guides/Attack Methodology from metasploit to reverse engineering everything so please check out this blog and please tell me about your views! http:/
  10. Hello guys, I have been working on VulnHub/Root-me.org/Hackthebox.eu watching the hak5 show a lot on youtube lately one of the common things i have noticed on all the platforms is that people looking for a starting point to get into the security field to help everyone whose new to this field, you need a strong will a lot of persistence and above all "Try Harder" attitude to help the community further I made a blog where I will be posting CTF guides/Attack Methodology from metasploit to reverse engineering everything so please check out this blog and please tell me about your views! http:/
  11. Hello, I'm working as pentester freelancer. The company that hired me has to perform annually at least one external and one internal pentest of its web application (they have an e-commerce service). They have to obey a set of compliance rules to ensure that they will keep a maturity security level. To keep this level of maturity security, an external audit company has to identify and verify if these pentests were executed. Note that this means that the external audit company does not have to know which vulnerabilities were found, but they have to be sure that tests were made. Pentests's rep
  12. How can someone use Powershell Empire for attacks over the internet? Do you need a server? Also can someone create a Veil-Evasion payload and then get a connection in Empire? It would be great if someone could use it outside of the network because Privilege Escalation is way easier than it is with Metasploit! Furthermore are there any tools for Post-Exploitation other than Metasploit , Powersploit? Any suggestions would be appreciated!
  13. Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time without the need for a single email. Developed with a specialized set of functionalities that help users improve their own work, the main purpose is to re-use the available tools in the community taking advantage of them in a collaborative way! Check out the Faraday project in Github. Two years ago
  14. Disclaimer: This script is intended for LEGAL purposes ONLY. By downloading the following material you agree that the intended use of the previously mentioned is for LEGAL and NON-MALICIOUS purposes ONLY. This means while gaining client side exploits, you have the correct documentation and permissions to do so in accordance with all US and International laws and regulations. Nor I nor any associates at Hak5 condone misuse of this code or its features. Responsibility Disclosure: Hak5 has no affiliation with this code base. This code is not reviewed or verified by Hak5; therefore they do not
  15. Hi all, Just a quick post about certs. Im new to Security so thinking about doing Offensive Security course but need to save up ha ha. I am currently a sys admin/devops and want to move into pen testing as thats where I have wanted to be for a long time. Anyone else here done any similar certs? if so what was your experience, was it useful to do etc?
  16. Work has been a little slow and I have some time on my hands. I've been considering publishing a website with a lot of hacking related content. Mostly links to tutorials, software, videos, and things like that. Basically a web directory specifically geared toward cybersecurity. I've been looking through some affiliate program and ad networks and most of them don't want to advertise on hacking related sites, even if the site is purely informational. Looking for some kind of company that serves interstitionals, banners, or something like that. I'm not really pick but I need it to meet these th
  17. Hey everybody. I am new to this forum but not new to Hak5 (love the show). It has been some time since I played with Backtrack (now Kali Linux -- has it been that long for me? hah) and toyed with the basics using my home network as a guinea pig :-D I live in an apartment complex and am starting to wonder if my home network might be the target of some tomfoolery... Trying not to sound too paranoid here but I've been noticing more red flags lately.... it is probably nothing... but it is probably time for me to give the home network a health checkup :-) I was just wondering if someone could
  18. Hi, I want to use my 8GB USB stick as a multiboot USB which can boot into useful tools like ophcrack and kali. I have seen that Hak5 have many videos on this topic including Multipassing usb's, Katana and such. Some of these are as old as 2006. I am interested in using Katana, but I would like the most up to date USB toolkit, from 2014/15. If you need any more info, ask. Thanks!
  19. Hi I have an Office automation can Pentest. And I Session that is sent from the client to the server-side Office automation to test. What can I bring this Session outgoing and incoming. I'm a DLL in the client-side Office automation. Searching for what I should look for? tank you .
  20. I want to learn more about hacking. I have heard about free hacker spaces. But whenever I look those up on Google I find a nice long list of broken links. Are there still any legal hacker spaces open?
  21. So, here's a simple change that could pay out big (in a pinch) on a pentest... How does it work? It embeds a tiny iframe (about the size of a ".") at the bottom of a spoofed webpage. Once someone browses to the site they're immediately connected to the attacking machine. Dozens of exploits are then sent back to the victim. If the attack is successful, the attacking machine will receive a meterpreter shell. How to set it up. Add the iframe below to any/all of your spoofed sites. Example, the "facebook.html" file from Darren's "phish-pineapple.zip". Open msfconsole and "use auxiliary/server/
  22. hi! i read an article about whatsapp. they say whatsapp is still hackable. i tryed to log in to my account with a xmpp-client on windows. i used countrycode+phonenumber as username and md5hash of reversed udid of my phone. server was s.whatsapp.com. but i cant connect. does anyoneknow what i did wrong? (i know, my english is unique :) )
×
×
  • Create New...