Steal user credentials by cloning web pages By this story I’m going to show how to phishing victim’s credentials by cloning web pages. First at all open the SET — Social Engineering Tool Kit (here I’m using Kali Linux) We should update the ToolKit first. use below steps. set >…

The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games. The Bandit wargame is aimed at absolute beginners. It will teach the basics needed to be able to play other wargames. Go to Bandit web page — Click…

The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games. The Bandit wargame is aimed at absolute beginners. It will teach the basics needed to be able to play other wargames. Go to Bandit web page — Click…

‘Synchronizer token pattern’ is one of the solution for CSRF attack. What is the CSRF attack? Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has…

‘Double submit cookie pattern’ is one of the solution for CSRF attack. What is the CSRF attack? Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker…

Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with other members of similar interests. It contains several challenges that are constantly updated. Some of them simulating real world scenarios and some of them leaning more towards a CTF…

Manually Access Facebook APIs using OAuth 2.0 Part II — Get and View Facebook Profile pictures If you didn’t read part I, go to this link Manually Access Facebook APIs using OAuth 2.0 Part I — Get an access token from Facebookmedium.com Open Rest Client tab from Firefox browser. Paste below graph request on URL field and set the method to GET. https://graph.facebook.com/v2.8/me/albums Next copy the token value which we found in Part…

Manually Access Facebook APIs using OAuth 2.0 Part I — Get an access token from Facebook First go to https://developers.facebook.com/ site and create an app. My Apps -> Create App Then give a proper App name and create the app. After that get your App ID and App Secret on to another document (notepad). Settings -> Basic