-
Reverse shell on a Node.js application
This post is copied from: https://wiremask.eu/writeups/reverse-shell-on-a-nodejs-application/ As the site is down right now, i just thought it should be replicated at another source. Reverse shell on a Node.js application How we obtained a Javascript reverse shell by exploiting a vulnerability on a Node.js application during a security assessment. Introduction We were tasked by a small…
-
Mega thread for Categorized List Of Security Tools
Here is a list of various security tools. I will update this list with more tools since some categories are incomplete. It will be nice to have a list of categorized tools etc., Any one can post more categories and links to tools/scripts. Passwords HashGrab2 http://py1337.com/tools.php or http://forum.intern0t.net/hacking-tools-utilities/2538-hashgrab-py-automatically-get-windows-login-hashes.html or http://upload.evilzone.org/download.php?id=7752913&type=zip Evilzone’s tool info post HashGrab2, written…
-
Don’t be a low hanging fruit for the hackers and script kiddies in your neighborhood. Part 1
In today’s Wi-Fi router security tip, I want to show you how to change the name of your wireless network, and why this might be important. If we look at the wireless networks around us, we may see linksys listed. That is the default wireless network name, also known as the SSID, of the network.…
-
Why passwords should not be stored on a mobile device
Apps for mobile devices, like tablets and smartphones replace more and more the traditional desktops and notebooks for internet-based services. For a solid number of apps in the various App Stores it is nearly every time mandatory for the users to authenticate against the App (for using the services the App provides). This often…