Author Archives: Shy

In case of multiple websites using a single IP, and we have been asked to perform vulnerability assessment to ensure its security, how many to target

Posted on by

When doing black-box vulnerability assessment (with permission of course) of a subdomain of a website, the first step is enumeration; and the first step of that is finding IP of the subdomain.
If you find this IP, and then upon performing … Continue reading In case of multiple websites using a single IP, and we have been asked to perform vulnerability assessment to ensure its security, how many to target

How to ask Google search not to return the same website more than once in search results, i.e. return only unique web domains or subdomains? [closed]

Posted on by

I often use Google dorks for subdomain enumeration. But when it starts returning the same website multiple times, it gets annoying as hell to go through all the pages in Google search results and manually pick unique websites.
So what I wa… Continue reading How to ask Google search not to return the same website more than once in search results, i.e. return only unique web domains or subdomains? [closed]

How to make a virtual machine forensics-proof – completely or to the maximum possible level?

Posted on by

I want to make a VMWare (VMWare is first preference but any alternative can be used as well) virtual machine completely digital forensics-proof. I am protecting against someone getting physical access to my computer when I am not there (I … Continue reading How to make a virtual machine forensics-proof – completely or to the maximum possible level?

Is my understanding of Digital Certificates, Digital Signatures and their role in security of flowing traffic correct

Posted on by

I have followed this and this video. Following is my understanding.

Before sending a request/response, sending-host (could be server or client) generates a pair of asymmetric cryptographic keys, then takes hash (called Digest) of the pack… Continue reading Is my understanding of Digital Certificates, Digital Signatures and their role in security of flowing traffic correct

When sending email to Gmail address from netcat or openssl s_client, why do I get "Username and Password not accepted", despite correct credentials [migrated]

Posted on by

My goal was to send an email to a gmail address, like beta@gmail.com from a commandline tool such as netcat or telnet etc.
WHAT I TRIED:
I first tried netcat.
nc -C smtp.gmail.com 587
220 smtp.gmail.com ESMTP l35sm2846203wms.40 – gsmtp
EHL… Continue reading When sending email to Gmail address from netcat or openssl s_client, why do I get "Username and Password not accepted", despite correct credentials [migrated]

How attacker creates fake email accounts when the domain is using 3rd party email forwarding services [closed]

Posted on by

The domain abc.co.uk, has registered MX records, found through dig, mx1.forwardemail.net and mx2.forwardemail.net.
dig abc.co.uk MX +noall +answer

abc.co.uk. 300 IN MX 10 mx1.forwardemail.net.
abc.co.uk. 300 IN MX 20 mx2.for… Continue reading How attacker creates fake email accounts when the domain is using 3rd party email forwarding services [closed]

Why are PHP based msfvenom reverse shells for targeting my Windows server (for penetration testing purpose) not working?

Posted on by

I am just getting started with information security and trying to get a taste of it.
I am running Windows 10 in my laptop and have deployed DVWA in it on XAMPP. I am running a virtual machine in the same laptop with OS Kali linux. Before d… Continue reading Why are PHP based msfvenom reverse shells for targeting my Windows server (for penetration testing purpose) not working?