Skip to main content

Hacking Windows 10: How to Turn Windows PCs into Web Proxies

A hacker with privileged access to a Windows 10 computer can configure it to act as a web proxy, which allows the attacker to target devices and services on the network through the compromised computer. The probes and attacks appear to originate from the Windows 10 computer, making it difficult to detect the attacker's actual location. The attack works with an OpenSSH server and Tor. In newer versions of Windows 10, an SSH server may already be installed and running, making it that much easier for attackers to abuse the service. While Tor is used in my example, other tools like ngrok and... more



from Null Byte « WonderHowTo full article here

Popular posts from this blog

BlackArch Linux - Penetration Testing Distribution

BlackArch Linux is an Arch Linux-based penetration testing distribution for penetration testers and security researchers. It contains over 1800 security and hacking tools. Here is the complete list of tools in the BlackArch Linux: 0d1n : Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. 0trace :  A hop enumeration tool. 3proxy : Tiny free proxy server. 3proxy-win32 : Tiny free proxy server. 42zip : Recursive Zip archive bomb. a2sv : Auto Scanning to SSL Vulnerability. abcd : ActionScript ByteCode Disassembler. acccheck : A password dictionary attack tool that targets windows authentication via the SMB protocol. ace : Automated Corporate Enumerator. A simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface ad-ldap-enum : A LDAP based Active Directory user and grou...
Read more

Mobile Security Framework (MobSF) - An All-In-One Mobile Application Security Assessment Framework

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF support mobile app binaries (APK, IPA & APPX) along with zipped source code and provides REST APIs for seamless integration with your CI/CD or DevSecOps pipeline.The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing. Screenshots: Static Analysis - Android Static Analysis - iOS Dynamic Analysis - Android APK Web API Viewer Requirements: Mac: Install Git Install Python 3.6 - 3.7 (3.8 is not supported) macOS Catalina users must uninstall existing python3 and install the one from Python.org . After installation, go to /Applications/Python 3.7/ and run Install Certificates.command and Update Shell Profile.command Install JDK 8+ ...
Read more

How to Hide Your IP with a Private Internet Access Proxy

Proxies can be quicker to use than a VPN for specific applications, like web browsers or torrent clients. This is because VPNs encrypt all data through a VPN network. A proxy acts as a middleman for fetching and returning requests from a server on behalf of a client wishing to hide their IP. While you may know PIA's $3/month VPN service, their proxy service may sometimes be the better choice. Privacy tools like proxies and VPNs become more important since it was revealed that the NSA flags IP addresses for surveillance simply for searching or downloading tools like Tor and Tails Linux ... more from Null Byte « WonderHowTo full article here
Read more