• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
KaliTut

KaliTut

Kali Linux tutorial and Linux system tips

  • Home
  • Raspberry Pi
  • Privacy Policy
  • About us

Directory traversal attack example

Last Updated on May 24, 2021 by Walid Salame Leave a Comment

Today I want to show you in practice how the directory traversal attack can be used. This is a very simple and popular attack. But with its help, you can access important information on the server.

directory traversal attack

How to do this, and what the main features of this attack I will discuss in this article. We plan to release a whole selection of articles on the WEB, so I recommend that you be in the subject line so as not to miss the following materials.

[Read more…] about Directory traversal attack example

Filed Under: Penetration Testing Tagged With: directory traversal attack

How to use SQL injections to execute OS commands and to get a shell

Last Updated on April 6, 2022 by Walid Salame Leave a Comment

One of the main goals of almost any hacking is to get a shell (access to the command line) to execute system commands and eventually master the target computer or network. SQL injections are usually associated only with databases and the data that they contain, but in fact they can be used including to get the shell. In this tutorial, we will use SQL injection to exploit a simple vulnerability to get the ability to execute commands, resulting in a reverse shell on the server.

SQL injections

To perform the attack, we will use Kali Linux and a specially created virtual machine with vulnerabilities – DVWA http://www.dvwa.co.uk/. If you are new to Kali, then we recommend that you work through our Kali configuration and security guidelines to ensure that your system is ready for the tasks in this article.

[Read more…] about How to use SQL injections to execute OS commands and to get a shell

Filed Under: Penetration Testing Tagged With: SQL injections

How to list NetBIOS shares using the NBTScan and Nmap Script Engine

Last Updated on June 4, 2020 by Kalitut Leave a Comment

What is netbios? NetBIOS is a service that provides network connectivity and is often used to join a domain and legacy applications. This is a rather old technology, but it is still used in some software environments. And since this is an unprotected protocol, quite often it can be the starting point for an attack on a network. A good start would be to scan NetBIOS shares using the NBTScan and Nmap Script Engine.

What is netbios?

To accomplish this task, we will use our target machine as Metasploitable 2– a virtual machine with vulnerabilities intentionally created in it. We will attack it with Kali Linux, a distribution for hackers and pentesters.

[Read more…] about How to list NetBIOS shares using the NBTScan and Nmap Script Engine

Filed Under: Penetration Testing Tagged With: NetBios

Hacking Windows Active Directory Full guide

Last Updated on July 14, 2020 by Kalitut Leave a Comment

Active Directory is a phenomenon that is quite common when testing the security of large companies. Often there is not a single domain in a single forest, but a more branched and more interesting structure. Therefore, today we will talk about how to conduct exploration, study the structure of the forest, consider the possibilities of elevating privileges. And we will complete a complete compromise of the entire forest of the enterprise!

Hacking Windows Active Directory

It is no secret that many, if not most, large companies use the Active Directory directory service from the notorious MS. The reason is quite obvious.

[Read more…] about Hacking Windows Active Directory Full guide

Filed Under: Penetration Testing Tagged With: Active Directory

Metasploit with Docker and Kubernetes

Last Updated on July 14, 2020 by Kalitut Leave a Comment

Running Metasploit with Docker and Kubernetes
This article is intended to make it easy to build a penetration test environment without complicated settings if Docker and Kubernetes are introduced.

kali metasploit docker
[If you implement the contents of this article to a server or network that you do not manage yourself, please be aware that it may violate the unauthorized access prohibition law]Environment used in this article

[Read more…] about Metasploit with Docker and Kubernetes

Filed Under: Penetration Testing Tagged With: docker, metasploit

  • Go to page 1
  • Go to page 2
  • Go to Next Page »

Follow us

  • Facebook
  • Twitter
  • YouTube

Categories

  • Android pentesting tools
  • Arduino
  • Books
  • Darknet
  • database
  • General
  • Github Tools
  • Hacking
  • Kali Linux
  • Linux
  • Linux Commands
  • Network Administrator
  • Penetration Testing
  • Penetration Testing Tools
  • PowerShell
  • Raspberry Pi
  • resources
  • Review
  • Termux
  • Tutorials
  • Ubuntu
  • Uncategorized
  • Video Tutorials
  • vmware
  • WiFi Adapter
  • WiFi Pentesting
  • Wireless Router
  • Wireshark

Recent Posts

  • Hijacked Wi-Fi? Thorough explanation of hacking techniques
  • Windows PowerShell tutorial for beginners
  • Learn to Hack Steps from Beginner to Hacker
  • PowerShell Tutorial – GUIDE introduction with basics
  • Top Hacking Tools
  • Home
  • About us
  • Privacy Policy
  • Affiliate disclaimer

Copyright © 2023