10 Best Programming Languages For Hacking

Dark Hacker World-- In this guide, we have made a list of the best programming languages for hacking. As everyone knows, hacking is an art of exploitation, and every ethical hacker needs to have the basic knowledge of some popular languages to break the security of the web, application, or anything that is programmed in a …

TryHackMe : RootMe CTF Walkthrough (Detailed)

InfoSec Write-ups - Medium-- TryHackMe : RootMe CTF Writeup (Detailed). Let’s dive in!! Task 1 - Deploy the machine: Create a directory for your ctf machine on Desktop and a directory for nmap. Task 2 - Reconnaissance: Nmap Scan: nmap -sC -sV -oN nmap/rootme <MACHINE_IP> (-sC : Default scripts; -sV : Version detection; -oN : Output to be stored in the directory ‘nmap’ you created earlier). Nmap Scan Output: There are 2 ports open : 22/ssh — OpenSSH 7.6p1, 80/http — Apache httpd …

55 New Security Flaws Reported in Apple Software and Services

The Hacker News-- A team of five security researchers analyzed several Apple online services for three months and found as many as 55 vulnerabilities, 11 of which are critical in severity. The flaws — including 29 high severity, 13 medium severity, and 2 low severity vulnerabilities — could have allowed an attacker to "fully compromise …

CSRF : Web App Security Basics

InfoSec Write-ups - Medium-- Cross Site Request Forgery (CSRF/XSRF), also known as One-Click Attack or session riding, is a type of attack where unintended actions are performed by the end user on the web. For example, actions such as change of email address, password change, fund transfer, etc. could be performed while the user is currently authenticated. …

Credit card skimmer targets virtual conference platform

Malwarebytes Labs-- We’ve seen many security incidents affecting different websites simultaneously because they were loading the same tampered piece of code. In many instances, this is due to what we call a supply-chain attack, where a threat actor targets one company that acts as an intermediary to others. In today’s case, the targeted websites all …

How to Brute-Force FTP Credentials & Get Server Access

Null Byte « WonderHowTo-- Hackers often find fascinating files in the most ordinary of places, one of those being FTP servers. Sometimes, luck will prevail, and anonymous logins will be enabled, meaning anyone can just log in. But more often than not, a valid username and password will be required. But there are several methods …

Hack The Box Walkthrough — Magic

InfoSec Write-ups - Medium-- https://www.hackthebox.eu/home/machines/profile/241 Magic is a Medium difficulty machine from Hack the Box created by TRX. My process involved a simple SQLi, Steganography, and Binary Planting. This is a raw walkthrough, so the process of me falling through rabbitholes upon rabbitholes is well documented here. It also reflects my thought process while …