M0N73 CRIS70

  I have bought a new Laptop Acer Nitro 5 and tried to install Kali as my base OS. The First error that welcomed me was I have tried many tutorials like one HERE But it didn't worked . I was installing Kali from USB which made boot-able using Rufus. I tried to change it ,I used Etcher.   It solved the issue. After installing Kali, I got the next issue, cant find WiFi option. Again I tried many tutorials. Only one helped me fix the issue   https://www.youtube.com/watch?v=xwQtyE91Fp8 Read its description for downloading compat wireless. Hope it will help your issue. You can also download it from here Compat-Wireless

I have been off from blogging for a while, this is because I partially stopped learning these stuffs. Now I thought I will begin again from the start as I found a new and Interesting website.Come join me as I walk though the tutorial provided by  Portswigger  . First we have to make an account, then go to the learn tab.There they provides XML external entity (XXE) injection SQL injection Cross-site scripting (XSS) OS command injection File path traversal (directory traversal) They are improving the courses.So lets start with sql injection. They have given a detailed material about it, even a video tutorial is provided What is SQL injection?  It is a web vulnerability which allows an attacker to use SQL commands to retrieve unauthenticated data , Get admin privilege and other harmful acts.  While we move along,There are vulnerability labs for testing what we have learned which is a very good feature.In blog lets try the first lab of SQLi.  Retr

Some topic for self Learning?? [+] Sql Injection Attack [+] Hibernate Query Language Injection [+] Direct OS Code Injection [+] XML Entity Injection [+] Broken Authentication and Session Management [+] Cross-Site Scripting (XSS) [+] Insecure Direct Object References [+] Security Misconfiguration [+] Sensitive Data Exposure [+] Missing Function Level Access Control [+] Cross-Site Request Forgery (CSRF) [+] Using Components with Known Vulnerabilities [+] Unvalidated Redirects and Forwards [+] Cross Site Scripting Attacks [+] Click Jacking Attacks [+] DNS Cache Poisoning [+] Symlinking – An Insider Attack [+] Cross Site Request Forgery Attacks [+] Remote Code Execution Attacks [+] Remote File inclusion [+] Local file inclusion [+] EverCookie [+] Denial oF Service Attack [+] Cookie Eviction [+] PHPwn [+] NAT Pinning [+] XSHM [+] MitM DNS Rebinding SSL/TLS Wildcards and XSS [+] Quick Proxy Detection [+] Improving HTTPS Side Channel Attacks [+] Side Chan

I recently realized that,giving walk through wont help half of the beginners..even i have struggled initially to make my own moves without knowing how other analysts are thinking.. So, Lets dive into some basic web tags which will help you know what the site is doing and analyzing.  Every website should have this basic structure... <html> <head> <title></title> </head> <body></body> </html> Every web design is  structured using Hyper Text Markup Language. the code of HTML is written between <html> and </html> [opening and closing html tags] <head> tag is where we import important things such as CSS or JS files ..we also define CSS and JS within the head tag.Within head opening and close tags there is title tag which defines the title of the page.Then we have body tag,this is where the content of web-page is written.This is were we have to make a close look for analyzing. <div>  tag is

R ecently I found another website that have more advanced hacking challenges...I know I need to cover other websites which i have promised you but something in this website is interesting.For registering in this website,you need to hack and get an invite code.So, I thought to deviate from our regular topic and talk about it. The WEBSITE is HACK THE BOX They are asking invite code for registering.As usual i checked source-code of the page.Since I found nothing suspicious,I started looking at JavaScript and found one that seems can help me. <script defer src="/js/inviteapi.min.js"></script> I visited the js..There is a script and i found some keywords from that like "log","invite","verifyInviteCode","makeInviteCode" I went back to our registration page now right clicked and selected inspect. SELECT CONSOLE  Try typing in each keyword and check if function exist. I got output when i checked  veri

Chicago American Nazi Party Racist pigs are organizing an 'anti-immigrant' rally in Chicago. Help anti-racist activists take over their website!   ================================================ From: DestroyFascism  Message : I have been informed that you have quite admirable hacking skills. Well, this racist hate group is using their website to organize a mass gathering of ignorant racist bastards. We cannot allow such bigoted aggression to happen. If you can gain access to their administrator page and post messages to their main page, we would be eternally grateful.  ================================================ So a guy named  DestroyFascism  is asking for our help.Lets visit the website and check the steps we did in previous missions to find vulnerability. Right click and select view source.There is only 52 lines of code. Check the code for suspicious data.I found something! CODE ------------------------------------------------------------- &