Python can be used to develop a small customized application to automate cross site scripting attack, it can be very useful if you are performing a penetration test and need to automate few tasks. We will be using two python libraries Beautiful Soup and Mechanize to parse the website document and than submit forms using Mechanize. Cross Site Scripting is…
Combine Python Graphical User Interface with SQL Injection
Python is great language for penetration testing, I saw that people mostly develop python applications with command line versions only. How ever python have such a beautiful library named Tkinter to develop a graphical user based application, in this article we will combine Tkinter with sql injection to create a small GUI application that can check a website for SQL…
Use Python to automate SQL Injection!
Manually testing for SQL Injection on your web application is really a hectic job, and some times the automatic scanners available does not actually fit your needs. Python comes to our rescue with its rich set of available libraries that can easily automate this task for us. You can easily write python scripts that fits your application requirement plus you…
How to install and configure ModSecurity on cPanel/WHM!
Website security is very important matter to date, and ModSecurity is one of the best web application firewall out there helping many web masters around the world securing their web application. Already a lot of hosting companies and individual users are using cPanel/WHM to manage their web servers, in this article we will see how we can install and configure…
How to install missing PHP Extensions in cPanel/WHM
PHP is one of the most used server side programming language. Mostly PHP becomes the reason for a website to become slow, for that reason PHP is a modular language and all the PHP modules/extensions are not installed by default so that it can be as light weight as possible. Now different kind of applications have their own customized needs…
WordPress Security Through Logging & Audit Trail
WordPress security; many typically think of hardening techniques, WordPress hacks, firewalls and other similar defensive mechanisms and plugins. Though there is another very important aspect of security; logging and audit trials. A WordPress audit trail allows you to keep an eye on the production of all your users, keep a record of every change that happens on your WordPress, and…
How to move Website + Database from cPanel to vestaCP!
In our previous article, we explained how to use vestaCP and explored some of its features. If you haven’t already read the article you can go and read at cPanel Alternative: VestCP. But if you already have an idea on how to use vestCP than its fine to continue with this article. In this article, we will see how to…
How to install ModSecurity (mod_security) in apache web server on Ubuntu!
ModSecurity is one of the best web application level firewall, it can stop most of the common web attacks before even they reach your web application. If your website is vulnerable to an XSS attack, and ModSecurity is installed in your server than it can easily prevent that attack from reaching your web application, that does not means you should…
How to hack WordPress through plugins!
Word press is one of the most used blogging platforms, and word press core (word press without plugins) is pretty much secure already. As word press is a blogging platform we need additional plugins to extend its functionalities, there are many plugins available to even completely change your word press installation to an e-commerce site. But even the word press…
How to backup and transfer a Proxmox VM to another Proxmox Node
Moving proxmox virtual machines between different servers became very easy with recent proxmox updates. You can use proxmox web GUI or command line interface to create a proxmox virtual machine backup and than move to a remove server. In this article we will see how to backup and transfer a proxmox vm to another proxmox node, both using GUI and…