December 2017


Undetected Metasploit Payload

Undetected Metasploit Payload – A payload in metapsloit refers to an exploit module. There are three different types of payload modules in the Metasploit Framework: Singles, Stagers, and Stages. These different types allow for a great deal of versatility and can be useful across numerous types of scenarios. Whether or not a payload is staged, is


FlashDom – Massive Domain Resolver

FlashDom Massive Domain Resolver was created using Go. I built this tool just to help myself when trying to resolve domains from a file. File Download: Download while giving donation Virus Scan : VirusTotal Sha256Sum : 5855f2ce2450795128c969b53766c7282046241e7219561dc04da02e70f22dbe If you have any idea about this tool, you can leave a comment here on my blog. 🙂


XSS Cryptocurrency Miner

Yes, I am talking about CoinHive that could turn XSS to XSS CryptoCurrency Miner to add the value when reporting XSS for bounty hunter. So, It is not just a pop-up or stealing cookies. This will give higher risk for XSS itself because CoinHive already detected by some antivirus and AntiVirus will block the website


Uncovering Real IP Address Behind CloudFlare

This python code will request to crimeflare to uncovering real ip address behind cloudflare. get the real IP address of a domain which is hiding behind cloudflare.

Yes!! This Python code is just requesting another source, I am not that 31337 to code something like that. Might be someone who can turn off analog


Exploit XXE Vulnerability Using Excel File

From my last article, we can exploit XXE using Docx file. Now lets build exploit XXE vulnerability using Excel file. Exploit XXE Vulnerability Using Excel File? Microsoft released OOXML Document, OOXML Presentation and OOXML Workbook in 7 December 2006. Source: Wikipedia. So, what is Office Open XML? Office Open XML, also known as OpenXML or