According to DVWA’s website, Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a classroom environment.
DVWA’s Installation Steps
Port scanning is one of the techniques carried out during the target enumeration process. It scans all TCP or UDP ports, not just the well-known ones, which is why the process can take a minute or two. It also helps determine which TCP and UDP ports are open, closed, or filtered.
In this post, I’m going to talk about the differences between TCP and UDP ports, the types of port scanning, and how to do port scanning using Nmap!
Once we know from the Target Discovery process that the target machine is available or active, the next thing to do is enumerate invaluable information such as emails, usernames, passwords, or any services available on the target systems. This helps us as pentesters identify vulnerabilities in these services.
In this post, I’m going to use WPScan and TheHarvester to help me enumerate my target:
♡ usernames from wp1.pentest.id
♡ usernames from jo1.pentest.id
♡ find emails that have @pentest.id and @gmail.com
It is important to learn Linux commands as a penetration tester, since they help you get your job done faster and you will be working in Terminal most of the time. So in this week’s post, I’m going to share some basic Linux commands that I find useful in Terminal.
After information gathering, the next step is to discover our target machines. This process is commonly known as Target Discovery.
Why do we need to identify our target machines?
- To find out which machine in the target network is available. If the target machine is not available, we won’t continue the penetration testing process to save more time.
- To find the underlying operating system used by the target machine, which will help us during vulnerability mapping.
As in the last post, my target is pentest.id.
Google Dorks is a hacking technique that utilizes Google Search Engine and other Google applications to find security holes in the configuration and computer code that websites use. Since Google has a searching algorithm and indexes most websites, it can be useful for a hacker to find vulnerabilities, hidden information, and access pages on the target.
In today’s post, I’m going to show you how to utilize Google for your hacking experience.
In this post, I’m going to gather as much information as possible, such as DNS hostnames, IP addresses, and the technologies and configuration used, from pentest.id.
Information gathering can be categorized into two techniques:
This method uses tools to introduce network traffic to the target network and collects information such as open ports, services, and the OS the target is currently using. However, the target might be able to detect us since the traffic can be noisy. An Intrusion Detection System (IDS), Intrusion Prevention System (IPS), or firewall can therefore easily detect our presence.
This method utilizes a third-party’s services, such as the Google search engine and other public websites that can be used to collect information about the target.
So, let’s start gathering information, shall we?
In this post, I’m going to show you how to install Kali Linux as a provider of information security training and penetration testing services.
Before jumping to the installation steps, let’s briefly talk about Kali Linux.
Kali Linux (Kali), previously known as BackTrack, is a famous Linux distribution system that was developed with a focus on the penetration testing task.
These are the major features of Kali Linux:
• FREE to use (Hooray!)
• Has more than 600 penetration testing applications
• Has wide-ranging wireless device support
• Has a custom kernel patched for packet injection
• All Kali software packages are GPG signed by each developer
• Completely customizable to suit users’ needs
• Supports ARM-based systems
In the 4th semester of my studies in Computer Science, it is mandatory for me to take the Ethical Hacking and Penetration Testing class with Mr. Charles Lim and Mr. Kalpin Erlangga as my lecturers. So in this post, I’m going to share some basic knowledge of this course and will definitely jump into the details in my next posts.
Sir Charles told us that hacking used to be done for good purposes. However, in these past few years, when most people hear hacking or hackers, they instantly associate the word with criminal actions. That is why the term “Ethical Hacking” is commonly used nowadays to differentiate between the good and the bad.
So, what is Ethical Hacking? How is it different from Hacking?
Ethical hacking is when someone accesses a computer system or network with the owner’s permission. Usually, ethical or white hat hackers are hired by companies to perform penetration tests in order to ensure the security of the company’s information systems.
Meanwhile, hacking is when someone breaks into a system without authorization. It is considered an illegal act, and the black hat hacker can go to prison. A hacker who steals or destroys data from the system is called a cracker.
What is Penetration Testing?