Collaborate Disseminate
When I conduct a mobile pentest, I have run into payload encryption in HTTP traffic. In general, the AES key and IV ( initialization vector) are located in APK, and can be used to encrypt the payload using Burp suite extensions such as AES… Continue reading Bypassing AES encryption if the keys are not in local,but in server
Is there a tool to convert each password in a text file into sha256 hash without writing any program? I want to convert each password in "rockyou" password file into their SHA256 form line by line. Do you know any tool for it?
… Continue reading How to hash each password into their SHA256 hashes using a simple tool [migrated]
I am a newbie cyber security engineer working on IoT. Today, a task is given to me. The task was making pentest to a cooker. Because of the privacy, I cannot share the brand of the cooker. The cooker has its own wifi card and connects to w… Continue reading Next movement in IoT pentest when you have restricted information
I have take a zip file from NFS port using sudo mount -t nfs 192.168.1.105/backup /tmp/kevgir .
After that, I got backup.tar.bz2.zip file in /tmp/kevgir directory. I crack the zip file using fcrackzip tool, but I also wanted to crack it us… Continue reading Problem in using zip2john tool to take hash values [migrated]