Monthly Archives: April 2018

Change directory to web root directory (/var/www/html) using the cd command Then download the file from github using wget command (https://github.com/ethicalhack3r/DVWA/arch ive/master.zip) After it fully downloaded, unzip the master.zip Move the content from directory DVWA-Master to web root directory using mv command Then … Continue reading →

Once the operations of information gathering, discovery, and enumeration are complete, it is time to find vulnerabilities that might exist in the target infrastructure. Vulnerability mapping is the process of identifying and analyzing the critical security flaws in a target … Continue reading →

WPScan is a black box vulnerability scanner for WordPress site. WordPress is a popular open source content management system. A lot of people use WordPress. That’s why WPScan is necessary. Now I will try to find the username and password … Continue reading →

Google hacking or Google dorking is a hacking technique that use Google search to find security holes in the code that website use. Dorks are keywords used to filter put desired results from Google database. Now, I want to try the … Continue reading →

Identify Target Machines Ping to check if the host is available or not It works by sending an Internet Control Message Protocol (ICMP) echo request packet to the target host. It will reply with ICMP echo reply if the host is … Continue reading →

Information gathering is the 2nd phase of the Kali Linux Methodology. In this phase, we collect as much information about our target, such as Domain Name Server (DNS) hostnames, IP address, technologies used, etc. I will deliberate some tools available … Continue reading →

Thanks to bad people’ and the mainstream media, the term ‘hacking’ or ‘hacker’ usually viewed as a negative thing to the public. Now, we have a term called ‘Ethical hacker’ to differentiate the good and the bad one. An ethical … Continue reading →