Category: Pentest


HMAC (Hach-based Message Authentication Code) Tutorial

Hash-based Authentication Message Code or HMAC is used to authenticate message with hash functions. Message authentication is important mechanism in cyber security and used to check message authenticity. There are different ways and mechanisms for Message Authentication. Message Message is the data, text, image or whatever else we want to...


What Is Base64 and How To Encode and Decode Text?

Base64 is an encoding and decoding algorithm. We need encoding of some data in order to prevent storing and transmission problems. For example If we try to transfer binary data it may create and affect some network devices because of its data structures. Base64 is generally used different applications like...


How To Download and Install Nmap For Windows Operating Systems?

nmap  is very popular network scanning tool. Windows operating systems like 7, 10, Server are most used operating systems too. But we know that these two popular things do not meet together in most of time. nmap  is by default provided by most of the Linux distributions like Fedora, Ubuntu,...


How To Scan All TCP and UDP Ports with Nmap?

Nmap is very useful and popular tool used to scan ports. Nmap by default scans most popular 1000 ports. We may need to change the port range and protocol type to all while scanning with nmap. Scan All TCP Ports with Range We can specify the port range with the...


How To Use OpenSSL s_client To Check and Verify SSL/TLS Of HTTPS Webserver?

OpenSSL provides different features and tools for SSL/TLS related operations. s_lient is a tool used to connect, check, list HTTPS, TLS/SSL related information. Simply we can check remote TLS/SSL connection with s_client . In this tutorials we will look different use cases of s_client . Check TLS/SSL Of Website The basic and most...


Display, Add and Remove Arp Information with Windows Arp Command

Arp is a protocol used to determine host IP addresses from their physical MAC or Ethernet address. Windows operating systems provides arp command in order to manage arp related information. With arp command we can display, add and remove arp entries in ARP cache. ARP Cache ARP and IP entries are hold...


How To Crack Password with John The Ripper Incremental Mode

This is the most powerful cracking mode. Keep in mind that generally cracking will never end in this mode if there is no password because combinations are too large. Configurations about Incremental Mode can be found in configuration file [Incremental:MODE] section.

–incremental is used to specify incremental Mode Set Only Numeric...


How To Crack Password John The Ripper with Wordlist

Word list mode is the simplest cracking mode. We need to specify the word list.  The specified word list will we mangled according to default rules. Which means the words in the word list will be changed for usage. Word list should not contain duplicates which will bring down efficiency....


How To Crack Passwords with John The Ripper Single Crack Mode

As we stated before in single crack mode [List.Rules:Single] method of configuration file is used. In this mode login:password are cracked by using default password-list. Single Mode is much faster than Wordlist Mode. Linux Example We will crack linux passwords with Single Mode. First we need the create one file by unshadowing /etc/passwd and /etc/shadow...


How To Crack Passwords with John The Ripper with GUI

Hackers preferred mode for tool usage is cli. John is developed for cli primarily. But there is also a gui part and can be installed like below. We named is johnny

We can provide login and password hashes like below     We can select password hash type manually...

Enjoy this blog? Please spread the word :)