Articles by Kennedy Muthii
How to manage Pentest Projects with Cervantes?
Cervantes is an open source, a collaborative platform designed for pen-testers and red teams looking to save time and manage their projects, clients,
How to Hack Social Media Accounts - ZPhisher [5 Simple Steps]
Step by step instructions to hack social media accounts using automated phishing tool i.e. zphisher with practical example.
Create forensic image with FTK Imager [Step-by-Step]
Step by step instructions to obtain forensic image and volatile memory image from PC using FTK Imager with screenshots
Social Engineering Attacks [8 Common Attacks]
Different types of social engineering attacks and how they are performed explained in detail
Automate phishing campaigns using FiercePhish [Step-by-Step]
With the help of a robust open-source tool FiercePhish, you can manage a wide range of phishing operations as well as carry out several phishing engagements
Install Gophish phishing framework Kali Linux [Step-by-Step]
Step by step instructions to install gophish phishing framework in Kali Linux. Complete tutorial to learn about gophish dashboard and configuration.
Setup Hacking Lab with Metasploitable [7 Easy Steps]
We will setup hacking lab which will consist of an attack orchestrating Operating System which in our case we will use the Kali Linux operating system and a …
Automate SSH Brute Force Attack [4 Methods]
SSH brute force attacks are a type of cyber attack that is becoming increasingly common. They involve the use of automated software to try and gain access to
Nettacker - Automated Pentesting Framework [Tutorial]
Nettacker is an open-source penetration testing tool that automates various network attacks and is part of the OWASP (Open Web Application Security Project)
How to crack hash using hashview [Step-by-Step]
Step by Step instructions to crack hash using hashview in Linux.
6 Banner Grabbing Tools with Examples [100% Working]
The 6 different tools which we can use for Banner grabbing are Dmitry, Netcat, Nikto, Wget, cURL and nmap
How to setup proxychains for 100% anonymity [Step-by-Step]
Hello learners, in this guide we will setup proxychains when using the internet to ensure anonymity. Proxychains is a tool used by both black hat and white
4 different MITM Attacks with Xerosploit [Step-by-Step]
Hello learners, we have learnt of how man in the middle attacks can be performed previously. In this article we will use xerosploit to perform attacks.
Steps to encrypt usb drive with VeraCrypt [100% secure]
Step by step instructions to encrypt USB drive using veracrypt software using a strong password and a strong hashing algorithm to ensure maximum security
How to perform in-browser OSINT using Mitaka
Mitaka which is an open-source intelligence tool to check and confirm the authenticity of various components we interact with as we use the internet for our …
Learn hacking with Metasploitable 2 [Step-by-Step]
Step by step beginners guide exploit remote services in Linux using Metasploitable 2 and Kali Linux. We learn to exploit samba server, ftp server on port 21 and …
How to track IP address using an Image [6 Easy Steps]
step by step instructions to track ip address of any computer using an image.
L3MON - Hack Android Mobile Remotely [Step-by-Step]
Step by step instructions to hack android remotely using l3mon RAT i.e Remote Administration Tool. Install malware on the android to access the mobile.
Perform a Local File Inclusion Attack [100% Working]
Local file inclusion (LFI) is a type of cyber attack in which an attacker is able to gain access to sensitive information stored on a server by exploiting the
How to use Andriller - Forensic Tool [SOLVED]
Andriller is a popular and comprehensive android forensic tool that provides a powerful suite of features for forensic experts and law enforcement agencies to
Tutorial - Lockphish V2.0 PIN phishing attack
Many devices use PIN to protect privacy of their users. In this guide, we will be using lockphish tool to phish for pin locks for different target operating
How to build Windows Remote Access Trojan? [SOLVED]
After the installation is complete, we can now proceed to install, run and use RAT-el to build a Windows RAT payload. We download the tool’s file from its
MobSF: Android App Pentesting [Step-by-Step]
Mobile app pentesting is a crucial process that ensures the safety of data and sensitive information stored in mobile applications. With the rising number of
APKHunt: Android App Pentesting [Step-by-Step]
APKHunt is a powerful tool used in the android app pentest. Android app pentest, short for Android application penetration testing, is the process of
Hack Android Remotely with Ghost Framework [Step-by-Step]
In this guide, we will be running Ghost framework on a Kali Linux PC.
How to use SpiderFoot? [SOLVED]
Spiderfoot is a versatile and powerful open-source reconnaissance tool that can gather intelligence about a target. This tool is designed to automate various
How to Bypass Android Lock Screen? [100% Working]
Android PIN bypass refers to the process of bypassing the PIN code that is used to lock and secure an Android device. This can be done through various
Browser-in-the-Browser Attack [Step-by-Step]
A browser-in-the-browser attack is an exploit that involves an attacker using a malicious browser to gain access to a target system. This type of attack is
How to setup Android Pentesting Lab [100% Free]
Step by Step instructions to setup Android pentesting lab with examples
Perform Postgres DB Brute Force Attack [100% Working]
In this guide, I will show how an attacker can perform a Postgres brute force attack on a target system to gain access to a database.
Perform VNC Brute Force Attack [100% Working]
In this guide, I will illustrate ways a bad actor may perform a VNC brute force attack to gain access and control a target computer.
How to Brute Force Attack on Web Forms? [Step-by-Step]
In the previous guide, we learned how to generate a word list using Crunch. In this guide, we will learn how to brute force a web form using THC-Hydra. We
Wordlist Generator using Crunch [6 Methods]
Use crunch as wordlist generator or generating password strings for brute force attacks
Automated web cache deception attack [Tutorial]
Many of the websites on the internet are still prone to a web cache deception attack. In this kind of attack, a bad actor will “fool” a webserver to serve
Use canary tokens for intrusion detection [Tutorial]
Step by Step instructions to use canary tokens for intrusion detection
DDoS attack with Torshammer Tool [100% Working]
Step by step instructions to perform a DDO attack on a website and bring down the website
5 Most Used Tools to Dox Someone [Free and Paid]
5 paid and open source doxing tools to dox someone using different methods
Snapchat Phishing using Grayfish [100% Working]
Step by step instructions to perform snapchat phishing using grayfish. Hack snapchat account using grayfish with examples
How to perform Evil Twin WiFi Attack [Step-by-Step]
Step by Step instructions to perform evil twin wifi attack on WPA/WPA2 devices. Use airgeddon to perform evil twin wifi attack on Kali Linux
Steps to embed payload in PDF [100% Working]
step by step instructions to embed payload in pdf to attack a windows system. Get backdoor access to windows system by exploiting a pdf file
Using WPA2 WiFi Honeypot for Ethical Hacks [Step-by-Step]
Create a malicious WiFi honeypot to steal passwords and other personal information of our targets.
Easy OSINT using infooze tool V 1.0 [With Examples]
Infooze is an open source intelligence tool made with Nodejs and automates the information gathering process helping the user gather information in a quicker
Damn Vulnerable Web Application hacking [Top 3 Easy Exploits]
Damn Vulnerable Web Application hacking [Top 3 Easy Exploits] damn vulnerable web app Hello learners, in this guide we will be learning how to execute web …
How to create windows undetectable payload - technowlogger
A keylogger is a tool mainly used by hackers to collect user input data on a device. An example of a keylogger is the technowlogger. Over the years, hackers
Social Engineering Toolkit Credentials Phishing [5 Easy Steps]
In some Kali Linux distributions, social engineering toolkit is already installed. To install SET, we will clone it from its official github repository as
Use SocialFish V3.0 for simplified phishing [Step-by-Step]
Hello learners, in this guide we will be using socialfish to acquire credentials form our target. In the previous guides we learnt what is social engineering
How to install Caine 11.0 VM [Step-by-Step]
Hello learners, in this guide I will be showing you how you can install Caine forensic operating system as a virtual machine. The full meaning of the word
3 easy steps to obfuscate android payload to avoid detection [ApkBleach]
Hello learners, in the first part of our android payload guide, we embedded an android payload to a legitimate application. The application is however getting
Encode message in image with Steganography [Step-by-Step]
In this tutorial we learn about 3 different tools which can be used to encode or decode messages inside image using steganography.
Analyze phishing email using Thephish [100% Working]
In this tutorial we shared step by step instructions to analyze phishing email using ThePhish which uses other open source yet powerful tools (MISP, Cortex and …
Analysing Volatility Memory Dump [6 Easy Steps]
In this step by step tutorial we were able to perform a volatility memory analysis to gather information from a victim computer as it appears in our findings. …
Create phishing campaign with Gophish [Step-by-Step]
Step by step instructions to create a phishing campaign using gophish framework. We have configured sending profile, added the sending profile and templates …
Embed Metasploit Payload on APK on Android File [Step-by-Step]
Step by Step instructions to use metasploit and kali linux to embed a payload on apk file using FatRat.
BEeF Hacking Framework Tutorial [5 Easy Steps]
Step by step instructions to use beef hacking framework with example. Beef hacking framework is a powerful tool that can be leveraged by systems security …