How to retrieve user’s passwords from a Windows memory dump using Volatility

About Volatility i have written a lot of tutorials, now let’s try to use this information in a real context extracting the password hashes from a windows memory dump, in 4 simple steps. 1. Identify the memory profile First, we need to identify the correct profile of the system: [email protected]:~# …

SQLiv: a massive SQL injection scanner

SQLiv is a Python-based scanning tool that uses Google, Bing or Yahoo for targetted scanning, focused on reveal pages with SQL Injection vulnerabilities. It uses known dorks in order to find vulnerable URLs. Features multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo targetted scanning by providing …

WPSeku: a Black-box WordPress Security Scanner

WPSeku is a Black-box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues. What is a Black-box scanner? Black-box security testing refers to a method of software security testing in which the security controls, defences and design of an application are tested from …