Information Security blog :)

 PowerShell for Ethical Hackers Blog Series                     Part2:  Understanding PowerShell Basics Commands  Hello All, Today we will see why understanding PowerShell basics is important as a ethical hacker or a penetration testing, as all we know basics is most important part for gaining advance knowledge. So, same in my blogpost we are going to learn Powershell from basics today i am going to show you usage of commands in powershell which we will use later in Hacking 😃😄   NOTE: I am going to present only those cmdlets which are useful in penetration testing. What is Cmdlet? A cmdlet is a lightweight command that is used in the Windows PowerShell environment. The Windows PowerShell runtime invokes these cmdlets within the context of automation scripts that are provided at the command line. The Windows PowerShell runtime also invoke them  programmatically through Windows PowerShell APIs. ...

                                                                                                              PowerShell For Ethical Hackers Blog Series  Hello my hacking buddies, Finally i am back with my blog series PowerShell for Ethical Hackers. we all know what is powershell and it easies our task same like linux bash scripting. in this blog series i'll show you some useful test cases which i have performed in real life penetration testing and i am going to show you how to write powershell script from basics to advance level. So, let's Start 😊😉 Part 1: Introduction to PowerShell, why PowerShell is important for Ethical Hackers and PowerShell Framework. Penetration Testing using PowerShell...

                             SSI (Server Side Includes)        Injection is a  vulnerability in web applications. It is also in a OWASP TOP-10   A-1 Injection. The attackers and security auditors are  always try to find this of vulnerabilities which allow them to perform a command execution. There are a number of vulnerabilities in the category of command execution, Sql Injection, LDAP Injection, X-PATH injection and one of them is Server Side Includes (SSI) Injection. So, This article is based on SSI Injection. What is Server Side Includes (SSI)? SSIs are directives present on Web applications used to feed an HTML page with dynamic contents. They are similar to CGIs, except that SSIs are used to execute some actions before the current page is loaded or while the page is being visualized. In order to do so, the web server analyzes SSI before supplying the page to the...

                       Session Hijacking in XSS to MYSQL File Hi, after a long Time i am coming with my new post how to Hijack The someone Session. sounds Interesting. is it possible to hijacking or steal someone cookie or someone Session. Yes! it's possible. I am going to telling you how's it Possible.   First! of All, it is also a Web-App Vulnerability. In OWASP TOP-10  A-2 Broken authentication   and Session managment. Covers the Session managment issues. (1) Session sniffing (2) Session fixation (3) Session hijacking First, for non-technical persons, they want to know what is Session or what is Cookie? A session can be defined as a server-side storage of information that is desired to persist throughout the user's interaction with the web site or web application.  A cookie is a small piece of text stored on a user's comp...