Skip to main content

Posts

Showing posts from August, 2017

how to configure burpsuite with firefox?

Namaste Hackers,



Today, In this Post, I am going to show you about how you can Setup and Configure your Firefox web browser with Burpsuite Applications.

So, let's Start Our Tutorial With Some Basic Understanding.
About BurpSuite Application Burp Suite is a Java application, specially designed for performing security tests and vulnerability scanning. Its capabilities include brute force tool, spider tools, Http Request Intercepting tool, repeater tool, intruder tool, sequencer tool, and many others. read more>>>
How to install it?
Follow This link to get detail setup information.. click here


Configure BurpSuite With Firefox Step 1.
Run BurpSuite 


Select Temporary Project.

Step 2.
Click On Start Burp Button


Step 3.
Wait For Few Minutes

Step 4.
Click on Proxy Tab, And There Click On Option Tab as Shown Below.

From Here, Note Your Interface Address And Port.
Step 5.
Open Firefox Browser, Now To Configure Firefox Go to Options And There Click On Preference As Given Below.



Step 6.
G…

how to install burp suite in Linux/Ubuntu 16.04

Namaste Hackers,


In This Post, I Am going to show you how to install burp suite application in Linux/Ubuntu.
Burp Suite Application
Burp Suite is a Java application, specially designed for performing security tests and vulnerability scanning. Its capabilities include brute force tool, spider tools, Http Request Intercepting tool, repeater tool, intruder tool, sequencer tool, and many others.      read more >>>

So, Let's Start.

Step 1.           First, We will install Java and for this just open your terminal and type:

COMMAND: sudo apt-get install openjdk-8-jre




Step 2.            Now, Click Here And Download BurpSuite Free Edition Linux File. (file extension: .sh) Once You have Download Burpsuite linux file. Open Your Terminal And Type :
Command : sudo bash path/to/download/file


Step 3.
              Now, BurpSuite Setup Wizard Will Appear. So, Just Click Next Button.



Step 4.
        Click Next Button.




Step 5.
             Click Next Button.


Step 6.         Click Finish Button …

What is Burp Suite And its Features?

Hello Friends,



Today, In This Post I am going to Introduce A Very Popular Penetration Testing Tool Called Burp Suite. 
Q1. What is Burp Suite?Ans. Burp Suite is a Java application, specially designed for performing security tests and vulnerability scanning. Its capabilities include brute force tool, spider tools, Http Request Intercepting tool, repeater tool, intruder tool, sequencer tool, and many others. The software was designed and launched by PortSwigger Ltd and According To Burp Suite Official Website Definition: '''Burp Suite is an integrated platform for performing security testing of web applications. It is not a point-and-click tool but is designed to be used by hands-on testers to support the testing process. With a little bit of effort, anyone can start using the core features of Burp to test the security of their applications. Some of Burp's more advanced features will take further learning and experience to master. All of this investment is hugely worth …

how to do SQL Injection Manually

Namaste Friends,



Today, In This Post I Am Going To Show You How To Manually Perform SQL Injection Attacks On Web sites.

So, Let's Quickly Start Our Tutorial.
What Is SQL Injection Attack?
SQL injection is one type of vulnerability in web server. In Which, Attacker Can Insert
different type of SQL statements, syntax and commands (also commonly refers to as a malicious
payload.) and can also execute that statements on the server. read more >>

Friends Here, For Practise Purpose I Am Using DVWA (Damn Vulnerable Web application) On Local Server. As You Can See In Below Image But if you are new, read here >>> SQL Injection Manually Tutorial Steps Step 1.                 Our First Step is to find a target URL to exploit the sql vulnerability. Here, I am Using Metasploit-able vulnerable machine as target URL but you can also find live targets with the help of google dorks. For Google Dorks Usages Read Here

Target Url :

                 http://192.168.1.101/dvwa/vulnerabiliti…

Latest Google Dorks List

Namaste Friends,



Today, In this post, I am going to share with you latest List Of Google Dorks And Some Useful Information About Google Dorks. Google Dorks




Google Dork is a special string for finding any specified or restricted result from any specified website or from the whole Internet with the help of Google Search Engine. These Strings are built with the advanced search operators supported by Google Search Engine. Normally, Google Dorks are used by security researchers, network admins, web developers, IT Professionals and other Networking Experts For Finding Their Filtered limited results.
In Simple Words, Google Dork is a sequence of character that can be used for finding any type of Exact Or Restricted Result Or File With the help of Google Search Engine. For Example: With Google Dork, You Can Find any specified file downloading link directly to Google Search Engine Result Page.

Now, Let Me Show You Some Commonly Used Search Engine Operators But First, I Want To Declare That I Wi…

Download fuzzbunch | NSA Finest Tool | Shadow Brokers

Namaste Friends,



Today, I am going to talk about NSA Finest Tool Fuzzbunch Stolen by Shadow Brokers and Now Freely Available For Public All Over The Internet.

First of all, I want to do the hand off for Shadow Brokers because they really rock the world. They Hacked NSA (National  Computers and Steel Their Secret Hacking Tools. WOW! Amazing.

The Shadow Brokers Introduction
According to Wikipedia """The Shadow Brokers (TSB) is a hacker group who first appeared in the summer of 2016. They published several leaks containing hacking tools from the National Security Agency (NSA), including several zero-day exploits. Specifically, these exploits and vulnerabilities targeted enterprise firewalls, anti-virus products, and Microsoft products. The Shadow Brokers originally attributed the leaks to the Equation Group threat actor, who have been tied to the NSA's Tailored Access Operations unit."""

Fuzzbunch Introduction Fuzzbunch is an Exploitation Framework Writt…

Automated SQL Vulnerable Sites Finder - DarkD0rk3r.py

Namaste Hackers,



Today, In this post I am going to show you how we can easily find a big list of SQL Injection Vulnerable Sites With The Help Of A Scanning Tools? Introduction
Friends, Finding Big list of Vulnerable SQLi Sites Is really very time-consuming process. hence to make this process automatic and faster there is a python script that can do our all work in fewer mintures and the name of the script is DarkD0rk3r.py Version 1.0 Created by b4tazar. you can download this script from here. click here

After Downloading this Script, To Make This Script Executable You Just Need To Remove '.txt' extension from File Name. (rename "darkdork3r.py").

Usages Tutorial
Step 1.

            Now, Open A Terminal and Execute this script.

:~# python darkdork.py


Step 2.

Choose Target Domains And Enter Your Dork String. (Get a big list of google dorks. click here)


Step 3.

Enter No. Of Thread



Step 4.

Enter No. Of Page


Step 5.

Sit Back And Wait For Few Minutes




Step 6.

Select Your Vulnerabi…

Related Post