Red Team/Pen Testing – ls111's Cybersecurity Blog

How hackers track your exact location 📌

Posted on January 18, 2022September 19, 2023 by wp_writer

Have you ever had that feeling that someone is following you? In this video I am going to show you how easy it is for a hacker to use a combination of social engineering and a Python tool called Seeker, to deceive their victims into revealing their exact location data by tapping into the GPS…

How hackers launch phishing attacks (Social Engineering) 🎣

Posted on January 13, 2022September 19, 2023 by wp_writer

In this video we will go on a little phishing trip! I will show you a two phased approach how a hacker can potentially launch a phishing attack against their victims. We will be using two tool, the first is ZPhisher, a phishing automation script, that allows us to host various login pages to harvest…

How Hackers Steal Your Stored Chrome Passwords

Posted on January 11, 2022September 19, 2023 by wp_writer

In this video we continue where we left off in the previous video, where we gained access to a vulnerable Windows 10 machine via a weak RDP username and password. Now that we have our initial foothold, I will now show you a easy way to access the users stored passwords in the Google Chrome…

Using Hydra to Attack Windows Remote Desktop (RDP)

Posted on January 5, 2022September 19, 2023 by wp_writer

Hey all and welcome back to my channel! In this lab I will show you how to perform a basic Nmap port scan against a Windows 10 host to assess for any open RDP ports. We will then user a popular tool installed on Kali Linux called Hydra, to attack and brute force the username…

Enumerate Users & Brute Force Attack WordPress using WPScan

Posted on December 31, 2021September 19, 2023 by wp_writer

In this video we explore WPScan’s ability to enumerate usernames and brute force attack a vulnerable WordPress website using Kali Linux. We will also discuss possible mitigation techniques in the form of strong, unpredictable usernames and passwords, as well as explore a popular web application firewall (WAF) call Wordfence that can be used to further…

Using WPScan to Scan WordPress Sites & Setup RCE Attacks

Posted on December 29, 2021September 19, 2023 by wp_writer

With WordPress being as popular as it is, with and estimated 43% of websites online today using this content management system. It is super important that we as cybersecurity professionals know how to scan for vulnerabilities and protect against the many attacks these websites face on a daily basis. In this video I will show…