PRINT
PRINT
SEND MAIL
SEND MAIL

Category: TUTORIALS

NEW TOOLS

Fud 100% services packages ready for sales

We offer a monthly Crypter service to make your files undetectable encrypted! this is how it works: You zip the files you want to encrypt and send them to our email cybersec@cybeseclabs.com then we will encrypt and make your files/file fud 100% (undetectable by any antivirus) and send them back to your email! We offer 3 packages: Standard Prenium Ultimate All those packages offer some unique futures to encrypt your file!  

Windows10

Black Window 10 v2

  Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system…

penetration testingTUTORIALS

Bypass Application Whitelisting using mshta.exe (Multiple Methods)

Today we are going to learn about different methods of HTA attack. HTA is a useful and important attack because it can bypass application whitelisting.  In our previous article, we had discussed on “Windows Applocker Policy – A Beginner’s Guide” as they define the AppLocker rules for your application control policies and how to work with them. But today you will learn how to bypass Applocker policies with mshta.exe.  And to learn different methods of the said attack always come handy. Table of content: Introduction…

CTF ChallengesTUTORIALS

Hack the Box: SecNotes Walkthrough

Today we are going to solve another CTF challenge “SecNotes”. SecNotes is a retired vulnerable lab presented by Hack the Box for helping pentesters to perform online penetration testing according to their experience. They have a collection of vulnerable labs as challenges; ranging from beginners to expert level. Level: Easy Task: To find user.txt and root.txt file Penetration Methodology: Scanning Network TCP and UDP ports scanning (nmap). Testing port 80 Exploiting 2nd order SQL injection on sign up form. Retrieving all the notes in the…

penetration testingTUTORIALS

Bypass Application Whitelisting using msiexec.exe (Multiple Methods)

In our previous article, we had discussed on “Windows Applocker Policy – A Beginner’s Guide” as they defines the AppLocker rules for your application control policies and how to work with them. But Today you will learn how to bypass Applocker policies. In this post, we have block “cmd.exe” file using Windows applocker Policy and try to bypass this restriction to get command prompt. Table of Content Associated file formats where Applocker is applicable Challenge 1: – Bypass Applocker with .msi file to get…

penetration testingTUTORIALS

Get Reverse-shell via Windows one-liner

This article will help those who play with CTF challenges, because today we will discuss “Windows One- Liner” to use malicious commands such as PowerShell or rundll32 to get reverse shell of the Windows system. Generally, while abusing HTTP services or other programs, we get RCE vulnerability. This loophole allows you to remotely execute any system command. We have therefore prepared a list of Windows commands that enable you to use the target machine to get reverse connections. Table of Content Mshta.exe Launch HTA…

penetration testingTUTORIALS

Configure Sqlmap for WEB-GUI in Kali Linux

Hello everyone and welcome to this tutorial of setting up SQLMAP for Web-GUI. Web-GUI simply refers to an interface that a browser provides you over the http/https service. SQLMAP is a popular tool for performing SQL injection attacks on sites affected by MySQL errors; be it an error based SQL injection or hidden SQL; sqlmap is the biggest tool there is for performing SQL injection attacks. But very few people know that sqlmap also provides an API for it’s service that is written in…

penetration testingTUTORIALS

SMB Penetration Testing (Port 445)

In this article, we will learn how to gain control over our victim’s PC through SMB Port. There are various ways to do it and let take time and learn all those, because different circumstances call for different measure. Table of Content Introduction to SMB Protocol Working of SMB Versions of Windows SMB SMB Protocol Security SMB Enumeration Scanning Vulnerability Multiple Ways to Exploit SMB Eternal Blue SMB login via Brute Force PSexec to connect SMB Rundll32 One-liner to Exploit SMB SMB Exploit via…

CTF ChallengesTUTORIALS

Hack the Box: Fighter Walkthrough

Today we are going to solve another CTF challenge “Fighter”. It is a retired vulnerable lab presented by Hack the Box for helping pentester’s to perform online penetration testing according to your experience level; they have a collection of vulnerable labs as challenges, from beginners to Expert level. Level: Intermediate Task: To find user.txt and root.txt file Note: Since these labs are online available therefore they have a static IP. The IP of Fighter is 10.10.10.72 Penetrating Methodology Network scanning (Nmap) Browsing IP address…

penetration testingTUTORIALS

SMTP Log Poisioning through LFI to Remote Code Excecution

Hello friends!! Today we will be discussing on SMTP log poisoning. But before getting in details, kindly read our previous articles for “SMTP Lab Set-Up” and “Beginner Guide to File Inclusion Attack (LFI/RFI)” . Today you will see how we can exploit a web server by abusing SMTP services if the web server is vulnerable to local file Inclusion. Let’s Start!! With the help of Nmap, we scan for port 25 and as result it shows port 25 is open for SMTP service.nmap -p25…

CTF ChallengesTUTORIALS

Hack the Box: Mischief Walkthrough

Today we are going to solve another CTF challenge “Mischief”. Mischief is a retired vulnerable lab presented by Hack the Box for helping pentester’s to perform online penetration testing according to their experience; they have a collection of vulnerable labs as challenges, from beginners to Expert level. Level: Easy Task: To find user.txt and root.txt file Penetration Methodologies Scanning Network TCP and UDP ports scanning (Nmap) Enumeration SNMP Service Enumeration (Nmap Script) Obtain credential for port 3366 login Identify IPv6 address (ENYX) Scanning Ipv6 (Nmap)…