Knowing Linux/Unix commands for manipulating and filtering content in a file can save time, increase efficiency, and provide a flexible and reproducible way to work with file data. Knowing these commands for manipulating and filtering content in a file can be very useful for several reasons: Efficiency: When working with large files, it can be […]
Super easy. I was doing this today and decided to share it with everyone. To connect to a Windows SMB share drive from Kali Linux, you can use the following steps: Open the File Manager on Kali Linux and click on “Connect to Server”. In the “Connect to Server” dialog, select “Windows share” as the […]
I recently pawned a web server on a pentest I was doing. I was able to upload and execute a PHP reverse shell script that gave me a shell. The issue was that it would run as the www-data user, and when I tried to su to root, I got the following error: “su : […]
In July, the FBI confiscated the group’s infrastructure as part of an international law enforcement operation, including their Tor payment and data leak sites. Six months of covert surveillance of the Hive ransomware gang’s infrastructure were revealed by the US Department of Justice and Europol in January 2023. This operation enabled them to discover impending […]
To create an admin user in Kali and other Debian-based distros, you can use the command “adduser” followed by the username you want to create. For example, to create a user named “peter,” you would use the command To give the user admin privileges, you can use the command “usermod” followed by the username and […]
John The Ripper has been around for a long and is a tool that all hackers and pen-testers use on a regular basis. However, if you are a rookie in this subject, employing John The Ripper is not always simple. Don’t worry, I’ll go through everything in this post to make sure you get started […]
I got this question from one of my subscribers: “my VirtualBox has two Linux virtual machines running on a NAT. Both have the same ip address: 10.0.2.15. I tried releasing the IPs for both virtual machines. What can I do to change one of the IP addresses in VirtualBox?” If both of your Linux virtual […]
Here is how to release and acquire a new IP address on Windows, Linux and MacOS. WINDOWS To release your IP address on Windows use the Command Prompt: Open Command Prompt (Start > Run > cmd) Type ipconfig /release and press enter Type ipconfig /renew and press enter This will release the current DHCP lease […]
When you attempt to scan a website and get the error message “Scan Aborted: The remote website is up, but does not seem to be running WordPress”, it means that WPScan did not believe that the site was genuinely running WordPress. You may give WPScan the –force option to have it scan the site even […]
Hi Guys! If you are working on a website or page and need to send the link to a few people but don’t want to create authentication for everyone, this method is perfect for you. You can use a simple URI-based token system, where the token is included as a parameter in the URL. This […]
Hi Guys! When doing pen-testing for clients I often do quite a bit of OSINT (Open Source Intelligence), Google Dorking and searches on web archiving. And let me tell you! I find a lot of development apps and sites indexed and cached by Google. The funny thing is that even if you delete those pages, […]
Endpoints for WordPress data types are provided via the WordPress REST API. This enables developers to interact remotely with sites by sending and receiving JSON objects. Most website owners, however, do not need these functionalities. Therefore, it may be better to deactivate the WordPress JSON REST API. Nobody can dispute the advantages that this API […]
I often encounter /dev/null in bash scripts but never know what it’s for. There are also many variations > like 2>/dev/null or &> /dev/null or > /dev/null 2>&1 and so on. /dev/null is a method of suppressing output. 1 denotes stdout, while 2 denotes stderr. Essentially, &> /dev/null is a new syntax for 2>&1. Here […]
Shellshock, a vulnerability that enables attackers to execute arbitrary code through the Unix Bash shell remotely, was one of the most serious flaws discovered in the recent decade. Shellshock remains a serious hazard, particularly for unpatched systems. It affects the majority of Linux and UNIX-based operating systems. This vulnerability is now present in many CTF […]
This quick tip will show you how to search for strings inside files in Linux. You can use the grep command to search for specific strings in files on a Debian 11 system. The basic syntax is: This will search for the string “string” in all files in the specified directory. To search for the […]
In this tutorial, I will show you how to connect to your AWS instance via SSH using Termius. INSTALL TERMIUS Head to https://account.termius.com/signup and create an account. Login and download the app for macOS, Windows or Linux. Once downloaded, install and run the app. You can login to get a free trial or simply start […]
To install Debian 11 on Amazon Web Services (AWS), you can use the AWS Elastic Compute Cloud (EC2) service. Here are the general steps you can follow: Register on AWS https://portal.aws.amazon.com/billing/signup Log in to your AWS account and navigate to the EC2 dashboard. Click on the “Launch Instance” button to start creating a new virtual […]
This guide will help you install Apache2, create a Virtual Host for your domain, install Letsencrypt and install PHP 8.2 on Debian 11: APACHE2 Let’s begin by installing apache2 and creating a virtual host for your website. Make sure to replace mydomain.com with the appropriate path and domain name for your virtual host. First, update […]
After trying a few things, I continued to get the following error: 🤦🏻 OMG, The solution is simple. You don’t need the paths to enable or disable sites: The same is true for a2ensite: Now, this is why you should not trust online sources. Learn to look in the man pages or the official sources: […]
If you can’t uninstall Node.js, you may want to try this. This hack is based on nvm (Debian 10/11). First, try uninstalling it the legit way: If this doesn’t work, then try deactivating it: Now, get the version of Node: Now you can uninstall it using nvm and the correct version of node. Example: There! […]
phpMyAdmin is a popular web-based tool for managing MariaDB and MySQL databases. It provides a user-friendly interface for creating and managing databases, tables, columns, and users. Some benefits of using phpMyAdmin include: Intuitive interface: PHPMyAdmin’s web-based interface is designed to be easy to use, even for those who are new to database management. Database management: […]
Here are a few pointers when working with MySQL/MariaSQL that I’m sure will help you! CHECK VERSION To check the version of SQL on a Debian 11 system using the terminal, you can use the command: This will return the version number of the MySQL server installed on your system. Alternatively, you can use the […]
To set up a 301 redirect using .htaccess, you can add the following code to the .htaccess file: This tells the server to redirect any requests for the old page to the new page. You can also redirect entire directories using: This will redirect all the pages within the old directory to the corresponding pages […]
When you are transferring your files and folders from your local web server to your remote web server you need to make sure you have the right permissions and ownership. Setting permissions You can use the chmod command with the -R flag to change permissions recursively. To make all files have permissions 644 and all […]
Simple file counting You can use the command “ls” to list the files in a folder and pipe it to the command “wc” with the option “-l” to count the number of files. Example: This will give you the number of files in the specified folder. How to make it recursive? You can use the […]
How to GZIP and UNGZIP? Gunzip is a command that is included in most Linux distributions by default, including Debian. It is a part of the gzip package, which is a standard tool for file compression and decompression on Linux systems. Therefore, you do not need to install gunzip. Specifically, it should be already available […]
Hello there, friends. In this post, I’ll show you how to set up a reverse proxy for your virtual host when using Node.js. Most of you are probably familiar with Kali Linux. If not, don’t worry because today, you can install Kali Linux right on your Android device. Question I have a Debian 11 server […]
To install the latest version of Node.js (18.13.0) on Debian 11, you can use the Node.js package manager (npm) that comes with Node.js. Here’s one way to do it: Download the Node.js package from the Node.js website: Install Node.js: Confirm that Node.js was installed correctly by checking the version: This should output ‘v18.13.0’ or a […]
MariaDB is a fork of MySQL, and it is fully compatible with MySQL. To install MariaDB on Debian 11, you can use the apt package manager that comes with Debian. Here’s one way to do it: Update the package list: Install the MariaDB server package: During the installation, you’ll be prompted to set a root […]
Question Can you give me a script to see if my MySQL database is working? The script needs to check the hostname, port, database username, database name and password. It also needs to be displayed on the browser with inputs so I can fill out the information. Answer Here is a basic PHP script that […]
Changing the hostname in Kali Linux is very simple! This is how Linux displays your username and hostname: [username]@[hostname] ex: kali@kali There are two files you need to touch in order to change your hostname: 1) Edit the ‘hostname’ file: Delete the current host and add your hostname 2) Edit the ‘hosts’ file: Add the […]
Output only the IP addresses on the terminal with nmap You know how to use nmap to find the list of IP addresses that are currently in the network. But this could be messy. This cheat gives you a simple list of IP addresses on the terminal so you can cut and use as you […]
Why would someone leave the door open when redirecting www to non-www using via the .htaccess. Please first make all traffic encrypted from http to https and THEN redirect from www to non-www. Here’s the trick: Note: this only works in Apache. Cheers!
Setting up my Hyper-V, I noticed I wasn’t able to connect to the Internet until I found a solution. I checked a few forums for answers and could not find the trick. Finally, I did a little troubleshooting and followed a post online and it worked (credits below) and here’s the trick. Hint, the last […]