In this article we will be talking about the very basics of Metasploit and the Metasploit commands used in the command line interface. At first the MSF console command line and the number of available commands might seem a lot and hard to understand and use, but don’t be intimidated by them. Once you get to understand the concept and the clear structure it will be very easy. If we put it all together the Metasploit framework consists of the core and base, a lot of exploits, payloads, modules (Ruby classes), plugin’s, scripts and multiple user interfaces. Metasploit framework also contains some great information gathering tools called auxiliary modules. Auxiliary modules can be used for port scanning, service identification, password sniffing and Windows patch enumeration. Metasploit is highly customizable for advanced users and can be customized the meet your custom needs by writing your own exploits, modules, plugin’s and scripts. If Metasploit doesn’t provide…
Author: Hacking Tutorials
In this new Metasploit tutorial we will be installing and configuring Metasploit on Kali Linux and the Metasploitable 2 virtual machine on VMware Player. Metasploit is one of the most popular and top rated penetration testing tools on the market and is designed for penetration tests, vulnerability assessments and developing and executing exploit code against remote targets. Metasploit is an open source project available in a free Metasploit Framework and community version and there is a paid pro version which even contains more features. Metasploit has several user interfaces, both command line and graphical user interfaces. Armitage is the graphical attack management tool which visualizes targets and is recommending exploits for known vulnerabilities. In this tutorial and the ones to following, we will be using the free Metasploit framework edition which is installed by default on the latest version of Kali Linux. If you have no or little experience with command lines and Metasploit we recommend you to read…
One of the most important and essential pieces of software on Windows computers nowadays is antivirus software to protect you against malware, exploits and hackers. With new advanced malware being released every day used to compromise privacy, blackmail the owners of infected machines and send spam, antivirus software is more important than ever. Most malware is designed and spread with a financial motive, ransomware for instance which encrypts all files on your computer and demands a payment in Bitcoin for the decryption key. Malware is often spread through infected websites that contain malicious software, phishing e-mails and online downloads. In many occasions users are infected by their own actions, for example opening a malicious attachment in the mail or downloading a file from the internet. But sometimes there isn’t a single thing you can do to prevent infection, for example by visiting a mainstream news website which is infected with…
Last year we already did a tutorial on how to install VPN on Kali Linux. Since then a lot has changed and the installation procedure is a little different now. This resulted in a lot of questions by our readers through comments on this website and social media. In this tutorial we will be installing VPN on Kali Linux 2016 rolling edition using OpenVPN and also the VPN service from Golden Frog again as we did in the last tutorial. Of course you can use any VPN provider you like, including free VPN services, since the installation procedure will be practically the same for any provider. If you do not have a VPN provider yet you might as well take advantage of one of the following offers from Golden Frog: If you sign up using one of the following links you can get a 50% discount: Or the following offer with 25% off for annual…
Today we got our hands on a brand new TP Link Archer C5 router which we will be testing for known vulnerabilities such as hidden backdoors and vulnerabilities, brute force default passwords and WPS vulnerabilities. In this new WiFi hacking tutorial we will be using different tools on Kali Linux 2.0 like Reaver, pixiewps and the Aircrack-ng suite to exploit possible vulnerabilities. TP Link is known to use easy to break default passwords such as the WPS PIN as default wireless password or a password which is derived directly from the MAC address. Especially the last one would make it very easy to retrieve the password because the MAC address is not meant to be secret and is actually send with every single wireless packet send from the router. With a packet analyser like Wireshark it is very easy to retrieve MAC addresses from sending and receiving devices, including the…
Today I decided to make a fresh install of Kali Sana 2.0 on a spare laptop so Kali Linux 2.0 will run a lot faster than in a virtual machine using VMware. The Kali Linux installation process is pretty straight forward, easy and doesn’t need to much explanation until things go wrong. During the installation I did ran into a couple of problems unfortunately. The first one was related to the installer trying to access the CD-ROM drive for the installation files instead of the USB device. After some research on the internet I discovered that this had to do with a bug and tried several solutions and finally found the last one was working and solved the issue. Because we haven’t done any installation tutorials about Kali Linux so far on Hacking Tutorials I decided to write a small tutorial on this subject for those of you who are…
Udemy is an online education marketplace with over 30.000 courses which over 7 million students have enrolled in taught by 19.000+ instructors. Udemy has courses for about anything you wish to learn varying from IT, marketing and academics to language development and business. The courseware consists of written materials, video’s and quizzes. Udemy also has a few great hacking courses about ethical hacking, IT security and development, from basics courses to advanced courses and lifetime access to the course materials. Udemy courses are a great way to expand your knowledge fast and cheap. Currently Udemy has more than 17.000 courses for sale and includes a few very popular hacking courses too. If you want to learn about ethical hacking, penetration testing, development or networking on a wider scale, taught by experienced instructors without having to spend 1.000’s of dollars? Take advantage of this great Udemy hacking courses. Update Jan. 09, 2016: We’ve kicked off with the first…
Hacking Tutorials first started in June 2015 with the first few hacking tutorials about WiFi hacking and some general hacking tutorials. Since than we’ve expanded the tutorial section with Websploit & Metasploit tutorials, basic scanning tutorials with Nmap and the latest series of tutorials is covering the basics of malware analysis. At this time we’re planning Hacking Tutorials 2016 where we will also be covering more advanced subjects in depth in the field of ethical hacking, penetration testing, malware analysis and programming for hackers. Of course we will be expanding the basic tutorial sections also for those who just started out learning about ethical hacking and penetration testing. Hacking Tutorials 2016 The current planning for Hacking Tutorials 2016 is focused on expanding our knowledge with more advanced and in depth Hacking Tutorials. We will shift the main focus from basic hacking tutorials to more advanced hacking tutorials. Basic tutorials are focused…
In this new hacking tutorial we will be Piping Crunch with Aircrack-ng so we can get rid of the constantly increasing dictionary files used to retrieve WiFi passwords from cap files. When we pipe the output from Crunch with Aircrack-ng the data will be fed directly into Aircrack-ng instead of a text file. Aircrack-ng will be using the input from Crunch for brute forcing the password. This method will safe us a lot of time and valuable drive space since effective wordlists for brute forcing purposes tend to grow very fast in a short time. Piping Crunch with Aircrack-ng After we’ve captured the 4 way handshake, which we will not be covering in this tutorial, we can pipe Crunch with Aircrack-ng to break the password. The following tutorials will teach you how to capture handshakes using the aircrack-ng software suite in Kali Linux: The Top 10 Wifi Hacking Tools in…
In this tutorial we will be looking at how to bypass MAC filtering on a wireless network. MAC filtering, or MAC white- or blacklisting, is often used as a security measure to prevent non-whitelisted or blacklisted MAC addresses from connecting to the wireless network. MAC Address stands for media access control address and is a unique identifier assigned to your network interface. With MAC filtering you can specify MAC addresses which are allowed or not allowed to connect to the network. For many occasions MAC filtering can be sufficient as a security measure but in others it is certainly not. MAC filtering is totally useless to protect company networks and data or to prevent networks from being hacked over WiFi because is it so easy to bypass. When MAC filtering is in place you can easily determine whitelisted MAC addresses by scanning for connected clients using a tool like airodump-ng. In this case we can assume that…