SQL Injection is one of the most important and common attacks on web sites. Nearly every website has a database behind it containing confidential and valuable information that can often be compromised by a well-designed SQL injection attack. There are many SQL injection tools, but probably the most popular is sqlmap. In this tutorial, we […]
Continue Reading
Welcome back, my greenhorn cyber warriors! In my previous posts in this series, we installed Snort, configured Snort, set up Snort to send alerts to a database (MySQL) and wrote Snort rules. In this post, we will test our new Snort installation to see whether it can detect and alert us on well-known attacks before […]
Continue Reading
Welcome back, my aspiring cyber warriors! In this tutorial on Web App Hacking, we’ll examine Operating System command injection. This web site vulnerability enables the attacker to inject and execute operating system commands into the underlying server and often fully compromise the server and all its data. If the attacker can inject OS commands on […]
Continue Reading
Welcome back, my aspiring Metasploit Cyber Warriors! In this series, we are exploring the power and features of the world’s most popular and powerful exploitation framework, Metasploit. In this tutorial, we will be examining how to connect the postgresql database to Metasploit. In this way, we can speed up our Metasploit module searches, save our […]
Continue Reading
Welcome back, my aspiring cyber warriors! Web sites are built using a variety of technologies (see Web Technologies here). In most cases, before we develop a hacking strategy of the web site, we need to understand the technologies employed in building the website. Web site attacks are not generic. Attacks against WordPress-based web sites won’t […]
Continue Reading
Welcome back, my aspiring cyber warriors! Metasploit, one of my favorite hacking/pentesting tools, has so many capabilities that even after my many tutorials, I have only scratched the surface of its capabilities. For instance, it can be used with Nexpose for vulnerability scanning, with nmap for port scanning, and with its numerous auxiliary modules, nearly […]
Continue Reading
As nearly all of you know by now, the Raspberry Pi is a powerful and inexpensive computer that anyone can own and use. The Raspberry Pi is only slightly larger than a credit card and yet powerful enough to fulfill nearly any of your computing needs. In this series, we will be building what I […]
Continue Reading
Welcome back, my rookie hackers! In Season 1 Episode 6 Elliot is being blackmailed by the ruthless and unrelenting drug dealer, Vera, to hack him out of jail. He is holding Elliot’s new love interest, Shayla, hostage and has given Elliot until midnight to hack the jail’s computer system in order to release him. Elliot […]
Continue Reading
So many of you who could not attend the CWA Prep course have asked whether you could purchase class videos that we have now made them available for purchase! For just $99, you can get almost 20 hours of class videos covering all 14 domains of the CWA exam. Simply follow along as OTW covers […]
Continue Reading
Metasploit is widely recognized as a powerful tool to conduct penetration testing and hacking on traditional IT systems, but few people recognize that it also has capabilities within the more obscure–but increasingly important– SCADA/ICS sector. Information security for SCADA/ICS is the next great frontier in our industry! If you want to learn more about SCADA/ICS […]
Continue Reading
Sec+ is the first step to becoming a cybersecurity professional and a job requirement for many roles.
Join Master OTW for an immersive, LIVE Bootcamp at just $249 (Free for Subscribers/Pro).
Hurry – only 20 guest spots available! Don’t miss your chance to pass your first certification.
We have never offered a package like this before!
This all-in-one bundle has helped countless beginners achieve their first certifications, including Security+, CWA, and Linux Basics.
Order today and receive the updated Sec+ 701 in February at no extra cost!
Each month one purchaser will be selected to