Cracking Linux passwords with John The Ripper

In our previous tutorial we gained root access to our target Linux machine running Metasploitable. So now what can we do? Let’s try to crack some passwords and system credentials. First thing is to grab the password hashes. This is simply done by typing We get an output like above. Select the results, copy and

PowerShell – Download and execute .exe

Here’s a simple script that will download and run an executable file from within PowerShell. First let’s serve up the file from our host machine. We can do this very quickly with Python. Go to the directory where the file is stored, right click and start terminal from here. This will put you in a

Evade Virus Scanners MSFVenom Payload Generator – CatchYou2

So in my efforts to find various ways of encoding MSFVenom payloads to evade virus detection and Windows Defender, I came across CatchYou-2, an updated version of CatchYou. Available on GitHub: https://github.com/SrMilton/CatchYou-2. I have been able to generate payloads that, when uploaded to https://antiscan.me, were detected by only 1 out of 26 virus scanners. (https://antiscan.me/scan/new/result?id=LvjTqXSJNb9C)