Security Blog

Cybersecurity research, vulnerability analysis, and practical security insights.

Integrating Metasploit with Browser Exploitation Framework
Pentest Scripts

Integrating Metasploit with Browser Exploitation Framework

last post we getting started with BeEF of how to insert a Javascript link in a page and compromised a client browsers. So the Browser Exploitation Exploitation Framework (BeEF) has some awesome...

Jul 06, 2026 2 min read
Evade Windows Firewall by SSH Tunneling Using Metasploit
Pentest Scripts

Evade Windows Firewall by SSH Tunneling Using Metasploit

A lot of times  the victim machine may have windows firewall turned on thus making exploitation of vulnerable services on the victim tough. In this tutorial, we will look at how to workaround this...

Jul 06, 2026 3 min read
Exploit Heartbleed OpenSSL Vulnerability Using Kali Linux
Pentest Scripts

Exploit Heartbleed OpenSSL Vulnerability Using Kali Linux

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS...

Jul 06, 2026 4 min read
Evading Antivirus Using Veil-Framework in Kali Linux
Pentest Scripts

Evading Antivirus Using Veil-Framework in Kali Linux

Veil is a Python program that attempts to automate the creation of AV-evading payloads in a new framework. Veil-Evasion is a tool to generate payload executables that bypass common antivirus...

Jul 06, 2026 3 min read
Easy Information Gathering with Maltego in Kali Linux
Network Security

Easy Information Gathering with Maltego in Kali Linux

Maltego, is an open source intelligence and forensics application. This is a GUI tool so looks different. Maltego is an information gathering tool that allows you to visually see relationships and...

Jul 06, 2026 3 min read
Brute Force SMB Shares in Windows 7 Using Metasploit
Pentest Scripts

Brute Force SMB Shares in Windows 7 Using Metasploit

An attacker will take the path of least resistance in order to gain access to critical systems and data. During a penetration test we’ll take the same tactic as well. Frequently this is...

Jul 06, 2026 4 min read
Getting Started with Browser Exploitation Framework (BeEF) in Kali Linux
Pentest Scripts

Getting Started with Browser Exploitation Framework (BeEF) in Kali Linux

BeEF is short for The Browser Exploitation Framework. it’s a testing tool designed to enable penetration testers to launch client-side attacks against target browsers. By using techniques...

Jul 06, 2026 4 min read
Hack Windows 7 with Metasploit Using Kali Linux
Pentest Scripts

Hack Windows 7 with Metasploit Using Kali Linux

Today i am gonna show how to exploit any windows OS using metasploit. Exploiting a windows vulnerability to logging  into the system with out username and password using Metasploit. Before...

Jul 06, 2026 4 min read
Crack and Reset the System Password Locally Using Kali Linux
Pentest Scripts

Crack and Reset the System Password Locally Using Kali Linux

Hi folks,  For today  post  i will show you how to crack and reset password at times when you forget it or when you want to gain access to a computer for which you do not know the password. there are...

Jul 06, 2026 6 min read
Security Research

Kingslayer - A supply chain attack -- Part 2

_ _ _ _ _____ | |__ | || | ___| | ___ __ ___ |___ / | '_ \| || |_ / __| |/ / '_ ` _ \ |_ \ | | | |__ _| (__| <-- BACK TO hackdog.me Kingslayer - A...

Jul 06, 2026 2 min read
Security Research

Kingslayer - A supply chain attack -- Part 1

_ _ _ _ _____ | |__ | || | ___| | ___ __ ___ |___ / | '_ \| || |_ / __| |/ / '_ ` _ \ |_ \ | | | |__ _| (__| <-- BACK TO hackdog.me Kingslayer - A...

Jul 06, 2026 4 min read
Security Research

网络设备中限制用户命令交互的逃逸

在实际渗透场景中,有很多网络设备我们拿到了root权限后ssh登陆发现有命令执行限制,这是因为ssh接口提供了一个特殊的受限制的命令外壳程序,类似busybox的感觉,他可以允许root用户对设备进行配置处理,但是不允许进行命令交互,所以相当于我们拿到的只是一个鸡肋的root用户,为了突破这种限制,我们有特别的姿势 因为开放了ssh服务,所以我们可以使用scp,但是scp是无法创建目录的,所以我...

Jul 06, 2026 1 min read