6 posts tagged with "hacking"

If you are just getting into the field of cyber security, you will quickly notice this one tool called "Metasploit" popping up everywhere. Metasploit a very popular tool among penetration testers, and is developed by Rapid7. In fact, learning the basics of Metasploit is considered so important, that Rapid7 even made their own vulnerable virtual machine called Metasploitable for students to learn and play around with. If you were to look for books about Metasploit, you will easily be able to find hundreds... Among these, the Metasploit Cookbook (Amazon, PDF) is an excellent resource and is something that I can recommend personally.

With all the "snake oil" hype surrounding metasploit, it can be hard to know where to begin from and this article is to guide you through the basic, common concepts and to help you get up and running.

Also, at the very end, I'll share a hot take about Metasploit - one that many will probably agree with, but some definitely won't.

On April 2nd, 2025, the Sri Lanka Department of Pensions reportedly became the target of a ransomware incident attributed to a group identifying itself as "Cloak." According to publicly visible information, the group claimed responsibility and set a deadline of May 26th, 2025, allegedly demanding a ransom.

Following the deadline, the group published what they claim to be 617GB of data. It is currently unclear whether this data originated from the Department of Pensions, as no official confirmation has been issued regarding the authenticity or sensitivity of the leaked files.

As with any such case, it’s important to approach leaked materials with caution and avoid downloading or redistributing them, as doing so may violate data protection laws.

This is my first time (well, actually the second time) playing with Metasploitable. Please note that Metasploitable2 is what I'll be working with in this post. Let's look at the easiest ways to exploit it and also cover how these vulnerabilities can be fixed. Let's get started!

A threat actor on a popular dark web forum has leaked the personal data of approximately 110,000 users of the Abans Group in Sri Lanka. Abans PLC, also known as Abans Group, is a Sri Lankan public limited company and a diversified conglomerate engaged in ICT, retail, manufacturing, logistics, commercial real estate, and financial services.

This guide explains how to access Edexcel past papers by analyzing URL structures and website configurations. It explores direct link access, potential misconfigurations, and ethical considerations. While the method may work under certain conditions, users are reminded to respect copyright laws and website terms of service.

In today’s internet, SNI (Server Name Indication) plays a critical role in making secure connections. However, the SNI field is sometimes used as a gatekeeper to restrict or manage content access. This blog post will walk through what SNI spoofing is, why it works, and demonstrate how to implement a basic SNI spoofing proxy in Python.