LIVE THE LIFE !

I really enjoyed hanging out in this lab. I worked on Kali Linux and windows using many different tools. I intrusioned my host and virtual machine in different ways, using fatrat and Metasploit. Most examples shown in the lab will not pass anti-virus programs and firewalls in real life. So I created exploits embedded in extensions like pdf, jpeg, and Docx. I created more hidden and powerful exploits. I have more than 100 screenshots in total. Of course, I will only share lab tasks and prevent the file from turning into an hackencyclopedia. : ) I hacked even into my own android phone. :)  Responder : I first encountered the responder tool while reading the hacker playbook. It's a simple to use tool that gives good results. Even if I easily reached my NTLM hash, I could not crack the password because my password was ultra-difficult. L0phtCrack : I saw the name of this tool for the first time in a book. It was featured in the stories in the book "The art of intrusion...

  OpenVAS,Nessus,LGuard,Nikto -Vulnerability Assessment Tools I used various tools to analyze vulnerabilities in this lab. These tools provide the detection of security vulnerabilities and malware in physical, virtual, and cloud environments. By following the paths taken by an attacker, as we learned in the introduction to ethical hacking, we will discover our system's weaknesses and find solutions to it. As an ethical hacker, we conduct penetration tests for companies' systems and network security in business life. Even if I do not have such experience professionally, I am familiar with terminologies. I guess I can feel like a true ethical hacker in the lab because of the scenario. Penetration testing service ensures that organizations are prepared and resilient against cyber attacks. Thus, by thinking like a hacker, applying infiltration and capture scenarios to the system, and trying all the methods that attackers can try, they ens...

Siber suçlular, sürekli olarak kamuya açık güvenlik açıklarını tarıyor ve kullanıyor. Son zamanlarda, ABD Ulusal Güvenlik Ajansı (NSA), bilgisayar korsanları tarafından istismar edilen en önemli 25 güvenlik açığını detaylandıran ve ABD kamu ve özel sektörlerdeki kuruluşları eyleme öncelik vermeye çağıran bir rapor yayınladı. Özellikle bu hafta başı Google ' a yapılan tarihin en büyük DDOS saldırısından sonra tüm oklar Çin devlet destekli APT hacker topluluğuna yöneldi.  Çin Devleti siber ordusunu genişletmek ve güçlendirmekte oldukça kararlı. Bunun için yasa dışı işler yapan güçlü hack gruplarını da desteklemekten çekinmiyor. Ülkemizde çeşitli kurumlara saldırı yapan Çin'li hacker'lar kaşınıyor.:))   En büyük 25 güvenlik açığı Rapora göre, Çin devlet destekli bilgisayar korsanlarının, çok sayıda kurban ağına karşı stratejik hackleme operasyonları başlatmak için bu güvenlik açıklarını kötüye kullandığı görüldü. Bu güvenlik açıklarının çoğu, uzaktan erişim veya ha...

  Our topic is “ how to scan a target network using Metasploit.”  First, let’s explain what Metasploit is. Metasploit  is an open-source exploit framework. Metasploit; It can run in Linux, Windows Mac-OS environments. With Metasploit, not only direct attacks are made. You can make various backdoor files and attack the target system with them. Abuse codes written for vulnerabilities can be found on the site https://www.exploit-db.com/. Metasploit is a framework that includes scanning modules, antivirus circumvention models, and currently exploits. Metasploit comes preinstalled on Kali Linux, Backtrack Linux, or Parrot Linux. There are also auxiliary tools required for reverse engineering in Metasploit. Metasploit 3.0 and later versions are developed in the "Ruby" language. Apart from Metasploit, exploit codes can also be downloaded from sites such as https://packetstormsecurity.com/, milworm, and https://www.securityfocus.com/. However, the codes to be...