Category: Uncategorized

  • New app update: Learn Pentesting like a Pro! 7.1.1

    More content, more knowledge 🤓​

  • Patch your VMware ESXi now!

    Ransomware attacks are raising against ESXi infrastructure

  • Privacy Policy

    Our website address is: https://pentesting.academy What personal data we collect and why we collect it Comments When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. Media If you upload images to the website,…

  • How to fix WordPress XML-RPC Cyberattacks

    To be protected against this cyber attack, do not forget to restrict access to /xmlrpc.php resource only from your IP address (1.2.3.4 in the example below). For Apache, edit /.htaccess file to add: Save the changes, restart apache and ready!

  • How to resolve an IP address in Windows

    It is very easy to resolve any domain in Microsoft Windows natively using the command nslookup: By default our system will query to our predefined DNS server. If we want to query an specific DNS server, we can specify it as a second argument. In this case we ask the IP address of the domain…

  • Other useful tools for pentesters

    Here we go: http://getgreenshot.org/ Greenshot: Screenshots for reports in Windows https://mobaxterm.mobatek.net/ MobaXterm: All-in-one terminal for Windows https://www.tracewrangler.com/ TraceWrangler: Easy sanitization and anonymization of PCAP and PCAPng files https://github.com/novnc/noVNC noVNC: VNC client using HTML5 (Web Sockets, Canvas) with encryption (wss://) support https://github.com/paradoxxxzero/butterfly butterfly: A web terminal based on websocket and tornado https://github.com/cure53/XSSChallengeWiki https://mosh.org/ Mosh: Mosh (mobile…

  • Gadgets for Penetration Testing

    Last update: February 2023 Hardware hacking gadgets SyncStop: http://syncstop.com/ SyncStop prevents accidental data exchange when your device is plugged into someone else’s computer or a public charging station PortaPow: Blocks data when charging your smartphone https://portablepowersupplies.co.uk/ https://www.amazon.com/s?k=PortaPow USBninja: https://usbninja.com/ Flipper Zero: https://flipperzero.one/ Flipper Zero supports USB-C, GPIO, Bluetooth, RFID, NFC, 1Ghz, Infrared, iButton

  • How to run Faradaysec

    Faradaysec is a great penetration testing IDE

  • How to customize the ZSH shell

    Useful frameworks to beautify your zsh shell: https://ohmyz.sh/ https://github.com/robbyrussell/oh-my-zsh Manual installation of oh-my-zsh: Cool themes: mortalscumbag To know more about how to use zsh shell and oh-my-zsh integrated within Faradaysec. Check it in the following post: Learn Pentesting like a Pro How to run Faradaysec How to run Faraday < 2.7 To run the server:…

  • What is an exploit?

    An exploit is a program or system designed to take advantage of a particular error or security vulnerability in computers or networks. Also have a look to: Learn Pentesting like a Pro What is an exploit kit? An exploit kit or exploit pack is a type of toolkit cybercriminals use to attack vulnerabilities in systems…