Virtual Machine Setup

Docker For Pentesters

Docker is container-based technology and containers use space of the operating system. At the low level, a container is just a set of processes that are isolated from the rest of the system, running from a distinct image that provides all files necessary to support the processes.


Server-Side Request Forgery

Server-side request forgery (also known as SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing.


Thick and Thin Client Application Security

A thin client is designed to be especially small so that the bulk of the data processing occurs on the server. Although the term thin client often refers to software, it is increasingly used for the computers, such as network computers and Net PCs, that are designed to serve as the clients for client/server architectures.

Radio Jamming

Radio Jamming

Radio Jamming is the deliberate jamming, blocking or interference with authorized wireless communications. In some cases, jammers work by the transmission of radio signals that disrupt communications by decreasing the signal-to-noise ratio.

Car Hacking

Getting started to hack a Car

Get started on hacking cars — fast, cheap, and easy. In order to do this, we’ll spoof the RPM gauge as an example. A car consists of multiple computers to control the engine, transmission, windows, locks, lights, etc.



TLS is an encryption protocol designed to secure Internet communications. A TLS handshake is the process that kicks off a communication session that uses TLS encryption.



Enhanced automation throughout the software delivery pipeline eliminates mistakes and reduces attacks and downtime. For teams looking to integrate security into their DevOps framework, the process can be completed seamlessly using the right DevSecOps tools and processes.



OAuth is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords.


However, the process for hacking any smart lock is the same so you can take these methods and apply them to any smart lock you like. The idea of the Smart Lock is that it can be remotely locked and unlocked using a mobile device.


SSH Tunnelling

SSH tunnelling is a method of transporting “data of our choice” over an encrypted SSH connection. It can be used to implement VPNs (Virtual Private Networks) and access intranet services across firewalls.



LoRa was first developed and launched by Semtech Corporation in 2015. LoRa is a 'Long Range' low power wireless standard intended for providing a cellular style low data rate communications network.


Android devices are infected by new unremovable Xhelper malware

The Trojan — affecting mostly users in India, the US, and Russia — has since shot up to the top 10 list of most detected mobile malware, with security researchers observing what they call “a surge in detections” of the malicious Android malware that can hide itself from users, download additional malicious apps, and display advertisements.



A Blockchain, originally block chain, is a growing list of records, called blocks, that are linked using cryptography. Each block contains a cryptographic hash of the previous block, a timestamp, and transaction data.


Smart Speakers Can Be Hacked with Laser Light Commands

Researchers found a way of hijacking voice assistants like Google Home, Amazon’s Alexa or Apple’s Siri devices from hundreds of feet away using shining laser pointers. Devices running Google Assistant, Amazon Alexa and Siri were all shown to be vulnerable to this security hole, and the researchers got it working on a Facebook Portal device, too.