Learn Cross Site Scripting Vulnerability & Exploit (XSS)

Hello, Guys here after short break m back with my Cool Post on XSS (Cross Site Scripting), today m gonna explain you : How Cross Site Scripting works, How to Prevent it and Understanding XSS Vulnerability & Exploits. Basically many of you'd not understood XSS Exploits Properly, So lets create, Explore,...

Read more...

DOM Based Cross Site Scripting(XSS) vulnerability Tutorial

So far i have explained about the Traditional Cross site scripting that occurs because of insecure server-side code. In this post , i am going to explain the DOM Based Cross Site Scripting vulnerability. if you don't know what is cross site scripting , then i recommend you to read the basics from here.Before...

Read more...

New XSS Cheat Sheet - Bypassing Modern Web Application Firewall XSS Filters

  While we doing web application penetration testing for our clients, we may some time have to face the Web application Firewall that blocks every malicious request/payload.There are some Cheat sheets available on internet that helped to bypass WAF in the past. However, those cheats won't...

Read more...

Mass IFrame Attack Tutorial

Recently 90000 webpages infected by Iframe Injection attack.  Here i am going to explain what  IFrame Injection is. What is an IFrame Injection?Using IFrame tag, The Attackers injects the malware contain website(links) using Cross site Scripting in popular websites.  So if the usual visitors of that popular sites opens the website, it will redirect to malware contain website. ...

Read more...

Cross Site Scripting(XSS) Complete Tutorial....

 What is XSS?Cross Site Scripting also known as XSS , is one of the most common web appliction vulnerability that allows an attacker to run his own client side scripts(especially Javascript) into web pages viewed by other users.In a typical XSS attack, a hacker inject his malicious javascript code...

Read more...

Bypassing MAC Filters on WiFi Networks

  Most wireless routers have a security feature called MAC filtering. Each network card on a computer comes with a unique MAC address. MAC filtering allows the user to specify which computers are allowed to use the wireless network by entering the computer’s MAC address into the whitelist....

Read more...

Wireless Eavesdropping using MITM

 In the previous lab, we have learned how to create a setup for MITM. Now we will look at how to do Wireless Eavesdropping with this setup.The whole lab revolves around the principle that all the victim's traffic is now routed through the attacker's computer. Thus the attacker can eavesdrop on...

Read more...

Advanced Wifi Attack:MITM

Man-in-the-Middle attack MITM attacks are probably one of most potent attacks on a WLAN system. There are different configurations that can be used to conduct the attack. We will use the most common one—the attacker is connected to the Internet using a wired LAN and is creating a fake access point...

Read more...

Wifi Wpa2 Cracking

Today i will tell you how to crack wpa2 wifi network with dictionary attach.For cracking you need to require toolsTools:1)Vmware workstation2)Backtrack 5 r33)Alpha wifi external usb AWUS036NH4)A good Dictionary avaliable in crack station websiteSo lets Start watch this video and comment... Wp2 Cracking By Pak Defendr from Anonymous Ghost on Vimeo. Note: This is illegal and is for educational...

Read more...

PA2-PSK Cracking

 ReaverWhat is reaver?Reaver implements a brute force attack against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases.Reaver has been designed to be a robust and practical attack against WPS, and has been tested against a wide variety of access points and WPS implementations.On...

Read more...

Hack wireless work 100%

 Today i'm going to show you how to Crack WEP and WPA/WPA2-PSK passwords!I'm using BackTrack 5 r3 because the tools that i'm going to use come already installed, but you can use any other Linux Distribution!WEP CrackingWhat is Aircrack-NG?Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program...

Read more...