How to Discover Hidden Subdomains on Any Website with Subfinder

Null Byte « WonderHowTo-- When approaching a target, having a precise and detailed plan of attack is absolutely necessary. One of the main goals is to increase the attack surface since the more opportunities there are for exploitation, the greater the chances of success. Subdomain enumeration is one method used to increase the attack surface, … Continue reading How to Discover Hidden Subdomains on Any Website with Subfinder

How to Brute-Force FTP Credentials & Get Server Access

Null Byte « WonderHowTo-- Hackers often find fascinating files in the most ordinary of places, one of those being FTP servers. Sometimes, luck will prevail, and anonymous logins will be enabled, meaning anyone can just log in. But more often than not, a valid username and password will be required. But there are several methods … Continue reading How to Brute-Force FTP Credentials & Get Server Access

How to Use Gtfo to Search for Abusable Binaries During Post-Exploitation

Null Byte « WonderHowTo-- GTFOBins and LOLBAS are projects with the goal of documenting native binaries that can be abused and exploited by attackers on Unix and Windows systems, respectfully. These binaries are often used for "living off the land" techniques during post-exploitation. In this tutorial, we will be exploring gtfo, a tool used to … Continue reading How to Use Gtfo to Search for Abusable Binaries During Post-Exploitation

How to Use Gtfo to Search for Abusable Binaries During Post-Exploitation

Null Byte « WonderHowTo-- GTFOBins and LOLBAS are projects with the goal of documenting native binaries that can be abused and exploited by attackers on Unix and Windows systems, respectfully. These binaries are often used for "living off the land" techniques during post-exploitation. In this tutorial, we will be exploring gtfo, a tool used to … Continue reading How to Use Gtfo to Search for Abusable Binaries During Post-Exploitation

Explore Data Analysis & Deep Learning with This $40 Training Bundle

Null Byte « WonderHowTo-- Data makes the world go round. It has gotten to the point that it's considered the most valuable resource, perhaps even more important than oil. Businesses use data to collect critical information about their users and improve their services; governments utilize it to improve things like public transportation; doctors analyze data … Continue reading Explore Data Analysis & Deep Learning with This $40 Training Bundle

How to Escape Restricted Shell Environments on Linux

Null Byte « WonderHowTo-- The moment arrives when you finally pop a shell on the web server you've been working on, only you find yourself in a strange environment with limited functionality. Restricted shells are often used as an additional line of defense and can be frustrating for an attacker to stumble upon. But with … Continue reading How to Escape Restricted Shell Environments on Linux

How to Analyze Web Browser Extensions for Possible Malware & Other Malicious Activity

Null Byte « WonderHowTo-- Browser extensions are extremely useful since they can expand web browsers like Google Chrome and Mozilla Firefox beyond their built-in features. However, we don't always know who's behind a browser add-on or what it's doing beyond what's advertised. That's where ExtAnalysis comes into play. ExtAnalysis will unpack an extension so that … Continue reading How to Analyze Web Browser Extensions for Possible Malware & Other Malicious Activity

How to Attack Web Applications with Burp Suite & SQL Injection

Null Byte « WonderHowTo-- Web applications are becoming more and more popular, replacing traditional desktop programs at an accelerated rate. With all these new apps out on the web comes various security implications associated with being connected to the internet where anyone can poke and prod at them. One of the simplest, yet the most … Continue reading How to Attack Web Applications with Burp Suite & SQL Injection

Become an In-Demand Ethical Hacker with This $15 CompTIA Course

Null Byte « WonderHowTo-- If you're interested in joining the increasingly popular and lucrative world of ethical or "white hat" hacking, you're far from alone. More and more coding and programming pros are turning to this field thanks to the high pay, countless opportunities, and exciting work environment. But this means that if you want … Continue reading Become an In-Demand Ethical Hacker with This $15 CompTIA Course