Hacking Tutorials

Browsing: Web Applications

In this section we will be publishing hacking tutorials related to pentesting web applications and webservers. You’ll be learning how hackers enumerate usernames on the very popular WordPress CMS and how passwords are bruteforced with wpscan. If you want to learn more about web vulnerability scanners like Nikto and Uniscan, you’re in the right section.

Exploit tutorials

By Hacking TutorialsDecember 17, 20210

Log4Shell VMware vCenter Server (CVE-2021-44228)

Log4Shell is a critical vulnerability with the highest possible CVSSv3 score of 10.0 that affects thousands of products running Apache Log4j and leaves millions of targets potentially vulnerable. CVE-2021-44228 affects log4j versions 2.0-beta9 to 2.14.1.…

Web Applications

By Hacking TutorialsNovember 14, 20170

Discovering subdomains with Sublist3r

Today we’re going to do a small tutorial on subdomain enumeration with a tool called Sublist3r. Whether you’re a penetration tester enumerating possible attack vectors or a bug bounty hunter looking for domains that are in…

Web Applications

By Hacking TutorialsAugust 10, 20152

Uniscan Webserver fingerprinting in Kali Linux

Uniscan is a simple but great tool for Remote File Include, Local File Include and Remote Command Execution vulnerability scanner. In this tutorial we will be exploring the webserver fingerprinting functionality in Uniscan on Kali Linux.…

Metasploit Tutorials

By Hacking TutorialsJune 28, 20150

Websploit Cloudflare Resolver module

In this tutorial we will be testing and using the Cloudflare resolver module in Websploit on Kali Linux. Cloudflare is a company that provides a content delivery network and distributed DNS (Domain Name Server) services, sitting…

Metasploit Tutorials

By Hacking TutorialsJune 7, 20151

Websploit Directory Scanner – Scanning webserver directories

In the next few tutorials I will explain how to use the different Websploit modules. WebSploit is an open source project for web application assessments. In this tutorial we will be using the websploit directory…

Web Applications

By Hacking TutorialsJune 3, 201522

How to hack a WordPress website with WPScan

This tutorial in the category Wordpress hacking will teach you how to scan WordPress websites for vulnerabilities, enumerate Wordpress user accounts and brute force passwords. Enumerating WordPress users is the first step in a brute force attack in order…

Web Applications

By Hacking TutorialsMay 31, 20153

Scanning Webservers with Nikto for vulnerabilities

Nikto is a very popular and easy to use webserver assessment tool to find potential problems and vulnerabilities very quickly. This tutorial shows you how to scan webservers for vulnerabilities using Nikto in Kali Linux. Nikto comes…

Browsing: Web Applications

Log4Shell VMware vCenter Server (CVE-2021-44228)

Discovering subdomains with Sublist3r

Uniscan Webserver fingerprinting in Kali Linux

Websploit Cloudflare Resolver module

Websploit Directory Scanner – Scanning webserver directories

How to hack a WordPress website with WPScan

Scanning Webservers with Nikto for vulnerabilities

CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability

Installing Rogue-jndi on Kali Linux

Log4Shell VMware vCenter Server (CVE-2021-44228)

The Great Leak: Microsoft Exchange AutoDiscover Design Flaw

CVE-2019-19781: Citrix ADC RCE vulnerability

Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations

Review: Offensive Security Certified Professional (OSCP)

Exploiting Eternalblue for shell with Empire & Msfconsole

Installing VPN on Kali Linux 2016 Rolling