Penetration Testing Linux Servers with Hydra for SSH Login

2024-11-202025-10-29 ~ Tom's IT Cafe ~ Leave a comment

Disclaimer: This article is intended solely for educational and authorized penetration testing purposes. Unauthorized access to systems is illegal and punishable by law. Always have explicit permission before attempting any form of testing on a system.

Linux servers are a backbone of today’s internet infrastructure, supporting critical operations for countless organizations. While Linux is known for its robust security features, misconfigurations and weak credentials can still leave servers vulnerable to unauthorized access. Hydra, a powerful network login cracker, is commonly used by penetration testers to assess the strength of SSH login credentials on Linux servers.

Continue reading →

How to brute force a web application password with Burp Suite? Basic dictionary attack in practice!

2023-01-272023-04-28 ~ Tom's IT Cafe ~ Leave a comment

With Burp Suite we can initiate dictionary attacks against a website. This time in this simulated attack we will brute force the login field of the Juice Shop web application. We already know the email address of an admin user, so we have to make sure to find the right password.

Important note: hacking in the wild is illegal! Do NOT do it out of the lab, unless you are a penetration tester with a signed contract!

Continue reading →

M	T	W	T	F	S	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31