calfcrusherinSystem WeaknessMaccaroniC2 — Empowering Command & Control using AsyncSSHIntroducing MaccaroniC2, a proof-of-concept Command and Control framework that combines the power of the AsyncSSH Python library…May 21, 2023May 21, 2023
calfcrusherinSystem WeaknessThe art of Tunnelling with SSH (forward and reverse)A good cheat sheet for your Red Team OperationsDec 11, 2022Dec 11, 2022
calfcrusherinThe Gray AreaEvil Twin Attacks for Red Teams: ARP/DNS Poisoning w/ BettercapA step-by-step guide on pen-testing captive portals, and exploring social engineering to hijack client connections.Dec 9, 20221Dec 9, 20221
calfcrusherinSystem WeaknessThe Art of Pivoting using Socat (forward/reverse)Hello fellows dreamers,Nov 16, 2022Nov 16, 2022
calfcrusherAutomating Discovery and Exploiting of XSS VulnerabilitiesHi fellow pirates, today i want show you 3 ways to discovery and find XSS vulnerabilities mainly on VDP programs.Nov 14, 2022Nov 14, 2022
calfcrusherinSystem WeaknessAutomate LFI for Bug HuntingHello fellow cowboys, today i’m gonna show you how you can automate the search for LFI vulnerabilities.Nov 11, 20221Nov 11, 20221
calfcrusherWindows Powershell Red Team Cheatsheet (part 1)Hello fellow dreamers,Nov 9, 2022Nov 9, 2022
calfcrusherinSystem WeaknessAutomate and finds the IP address of a website behind CloudflareHello Fellow Hackers, today i want show you how to automate the discovering of origin IP of those sites behind CloudFlare, using Censys and…Nov 8, 20221Nov 8, 20221
calfcrusherinThe Gray AreaFuzzing Websites to Find Hidden ParametersTL;DR- A great how-to guide on finding hidden parameters that could lead to significant exploitaiton of a website or application.Nov 2, 20227Nov 2, 20227