Website Hacking

Two important headers that can mitigate XSS are: X-XSS-Protection Content-Security-Policy So what is the difference? Well browsers such as Internet Explorer and Chrome include an...

Information Gathering is the first step towards hacking. It is knowing the System, Person or the victim we are targeting in order to be more precise. The work we...

SQL Injection Basic Union Based Injection. In this tutorial we will learn how to inject Union based injection. In our last tutorial we learnt how to find out the number...

Welcome to the second part of basics of SQL for SQL injection. We took this url "http://fakesite.com/report.php?id=23" as an example and then assumed some basic queries by looking at...

This is a step by step guide on how to make a simple login macro for Portswigger's Burp Suite. In the demo I will use a real world application...

In this tutorial we will gather DNS information about our target. But before starting with basics of DIG we must know different types of DNS records. The following list describes the...

What is an LFI Vulnerability? LFI stands for Local File Includes - it’s a file local inclusion vulnerability that allows an attacker to include files that exist on the target...

Kali Linux Hacking Commands List : Hackers Cheat Sheet Hacking or Penetration testing is the practice of testing a computer system, network or Web application to find vulnerabilities that an...

Hello and welcome to my first tutorial on Information Gathering. In this tutorial we will gather information about our website using some freely online available websites. We'll be using the Following...

https://www.youtube.com/watch?v=ttTVNcPnsJY 1.Getting RCE with LFI Via /proc/self/environ so First Lets Try getting /etc/passwd to Confirm if its Directory Traversal Attack Or not ../ is used to get into upper(parent) Directory in *nix http://smscenter.dprdbekasikota.go.id/?page=/etc/passwd   http://smscenter.dprdbekasikota.go.id/?page=../../../etc/passwd   http://smscenter.dprdbekasikota.go.id/?page=../../../../etc/passwd...