Home / How to Hack

How to Hack

Penetration Testing : Hacking Gmail account using GX Cookie


Penetration Testing : Hacking Gmail account using GX Cookie GMAIL is currently being used in corporate environments widely due to high popularity . During penetration tests we might come across scenarios where the employees are using GMail as the primary mode of email communication. (GMail also provides a paid service of email for corporates . ) Introduction to the Cookie Replay Attack :  Hacking web application was always curious for the script kiddies. And hacking free web email account is every geek first attempt. The method which I will describe in this post is not new; the same method can be applied to yahoo and other free web email services too. The method we will be using is cookie stealing and replaying the same back …

Read More »

Steganography : Hide EXE within the Jpeg Image File


Stenography : Hide EXE within the Jpeg Image File What is Steganography ? Steganography is the art and science of hiding information by embedding messages within other, seemingly harmless images or other types of media Steganography has become increasingly popular in the past years , majorily in hacking communities where it is extensively being used for hiding the executables within the image file . In the following tutorial I will show you how easy it is to hide an executable within an Image file . Here is a Noob Friendly tutorial on Steganography that explains how to hide executable within a Image Jpeg . 1. Save the picture of choice to your desktop. 2. Make a new .rar or .zip folder on your desktop. 3. Add …

Read More »

Information Gathering Using Kali Linux for Penetration Testing


Information Gathering Using Kali Linux for Penetration Testing Information Gathering is a crucial step in penetration testing .  Ideally the penetration testing begins with Information and needs a lot of effort at this step . In this tutorial we will explore some of the tools used for Information Gathering that are available in Kali Linux . Build and Verify an Email Address List using Harvester Here we will be using the tool called Harvester . Harvester Builds a list of email addresses for users at the target organization. The list of email addresses will then be verified to confirm they are valid. Start by using theHarvester.py to find email addresses related to the organization. The script takes a domain name and searches Google, Bing, PGP servers, …

Read More »

PowerSploit : Quick Shell for Penetration Testing


PowerSploit : Quick Shell for Penetration Testing While penetration testing , sometimes all we want is a shell and no meterpreter or other RAT functionalities . This can be due to plenty of reasons : only shell access is less noisy , more chances of evading the Anti virus engines , less chances of inappropriate exploitation during pentest and so many more . This Tutorial will get you the quick shell access you need during the penetration testing in the easiest way . For this we will be using Powersploit .  PowerSploit mainly uses Powershell for Windows Exploitation . PowerSploit  is a collection of security-related modules and functions written in PowerShell. PowerSploit is already in Kali, and its code is utilized by other awesome tools …

Read More »