Hacking Monks

A pen testers world.

Metasploit Tutorals

Home
Tutorials
Tech
Metasploit Tutorials
Kali Linux Tutorials
Cross Site Scripting (XSS)
Burp Suite
Web Hacking
Python Tutorials
NMAP Complete tutorial

Web Hacking

Web Penetration testing is a very broad subject. I have made some tutorials which can help you to study this awesome subject.

Facebook Bug Bounty Guide | API testing

Facebook bug | Page Admins disclosed

Make WORDLISTS to HACK (Kali Linux - Crunch)

Watch Live Cyber War (Hackers playground)

Hack Passwords with PENDRIVE (steal browser passwords) - EVIL USB

Hack everything with Shodan (hackers google)

Hack Password by BRUTEFORCE Kali Linux (Burp) on DVWA

Instagram Content Injection (Text) bug POC

Portforward Router Done,Explained in JIOFI

Remote Code Execution RCE (Kali Linux DVWA)

SEARCHSPLOIT - Kali Linux Offline Exploit DB

HTTP Header Injection (Mannual and Burpsuite)

URL manipulation explained (tutorial)

Facebook bug POC | Who left the Group -_-

Remote Code Injection on DVWA medium

Information gathering using TheHarvester in Kali Linux

Broken Authentication (insecure login, logout management, admin portal bypass)

Open Redirection Vulnerability

Facebook Bug POC - Privilege Escalation | emptiness

PAYTMPromoCode BUG POC

Metasploit Tutorial - 3 (hacking FTP login)

Some google dorks for you

AMAZON Password Reset Bug POC

Google G+1 ClickJacking BUG

Power Fuzzer Website scanning tool in Kali Linux

Uniscan Vulnerability scanner in Kali Linux - Tutorial

NMAP Tutorial - 2 (Agressive scanning-intense)

Facebook trolling Hackers (Funny Header)

Facebook Mail Bombing (rejected POC)

HackerOne bug (Session Management)

NMAP Tutorial-3 (different scans and speed scanning)

NMAP Tutorial - 4 (Verbos scan and Saving scan results in file)

DOS attack using Slowloris in Kali Linux

Find vulnerability of ANDROID apps like FB (easy with steps)

Buffer Overflow with Tutorial

Nikto Vulnerability Scanner (explained with tutorial)

Metasploit Tutorial-10 (drupal site exploitation)

SQL injection (website pen test with sql map-step by step)

Recon-ng tutorial- 1 XSS Vulnerability (the first step for pen tester)

Subdomain Takeover

How to find Subdomains (Tutorial)

WhatsApp Translate Account Takeover BUG POC (slow rate limit)

Shell Upload on Websites(backdoor PHP)

YoutubeUnauthorized Adword Linking BUG POC

Burpsuite - 1 (SQL injection,intercepting)

OSI model explained

Google Blogger ClickJacking Comments bug

Manual SQL injection (step by step)

Create Unlimited Instagram Accounts (unvalidated verification)

Cross Site Scripting (XSS)-1 (basics,ReflectedXSS)

Upload WebShell (bypass filters and intercepting)

Cross Site Scripting-2 (stored, redirected XSS)

Cross Site Scripting (XSS)-3 (XSS stored IFRAME and COOKIE Exploit)

Session Hijacking (MITM for cookies-side jacking)

Cross Site Scripting XSS-4 (hack username and password)

Metasploit Tutorial -11 (e-mail extraction)

Shell Upload with Metasploit(DVWA high security)

Cross Site Scripting (XSS)-5 (medium secured DVWA)

Hacking random home routers (Angry IP scanner)

Web Spidering (Manual and Automated with Burp Suite)

Burp Suite complete Version (Windows installation)

WAF detection (WAFW00F in Kali Linux)

Cross Site Scripting (XSS) - 7 (via image upload)

Website Vulnerability Scanning Burp Suite in Kali Linux

Find Admin Panel Finder (Kali Linux Python script)

Find XSS and Bug Bounty Hunting

XSS bug in Etherscan (HOF plus Ethereum)

Encoding and Decoding (Burp Suite Decoder)

Predict Session ID (Burp sequencer)

Click Jacking (step by step explained)

BurpSuite HTTPS proxy setting (Install CA certificates)

Broken Authentication and Session Management tutrial

Hackbar and Bypassing XSS filters

Expect Header XSS

Email This BlogThis!Share to Twitter Share to Facebook Share to Pinterest

1 comment:

Olu Agbaje20 July 2017 at 20:13
please, how can i view list of files hidden in a https server? i guess it was hidden with aspnethidden tag or is there a way to get all file list with _dopostback
ReplyDelete

Subscribe to: Posts (Atom)

Subscribe me

Search for tutorials here

About Me

Sai Naik

View my complete profile

Popular Posts

Running Metasploit on any android (without root or deploy linux)

Step by step instructions and easy way of installing Debain and Metasploit on android
Free VPN Kali Linux (setup and about anonymity)

Steps and Instruction -
IP Camera hacking (Shadon, Angry IP scanner with Hydra for Bruteforce)
Hack Passwords with PENDRIVE (steal browser passwords) - EVIL USB
Metasploit Tutorial - 3 (hacking FTP login)

In this video we will see how to find open ports and hack the FTP login with wordlist and Metasploit
SSL strip attack (MITM on HTTPS)

SSL strip explained steb by step
SMS bomb - Kali Linux (BURPSUITE)
DNS Spoofing Tutorial (MITM attack)

Steps and instructions -
Session Hijacking (MITM for cookies-side jacking)

Session Hijacking (Cookie Hijacking) using Ettercap, Ferret and Hamster
SQL injection (website pen test with sql map-step by step)

Step by step instructions and explanation on SQL injection with sqlmap.

My Links

Youtube Channel
Facebook Page
Facebook Group

Recent Posts

February 2018 (1)
January 2018 (1)
December 2017 (1)
October 2017 (2)
September 2017 (4)
August 2017 (1)
July 2017 (11)
May 2017 (1)
April 2017 (2)
March 2017 (29)
February 2017 (40)
January 2017 (46)
December 2016 (37)
November 2016 (11)
October 2016 (19)
September 2016 (19)
August 2016 (7)
July 2016 (4)

Featured post

Session Hijacking (MITM for cookies-side jacking)

Session Hijacking (Cookie Hijacking) using Ettercap, Ferret and Hamster

Total Pageviews

Hacking Monks. Awesome Inc. theme. Powered by Blogger.