[Tutorial] Creating an Undetectable Backdoor & Bypassing Antivirus programs

Veil-Evasion is a tool that can generate backdoors that are not detectable by anti virus programs, in this video you will learn how to install it, generate a backdoor, listen for incoming connections and hack a Windows 10 machine.


[Tutorial] Installing Kali Linux 2016 Using The Iso Image

Previously I explained how to install Kali Linux as a virtual machine inside Virtual Box, in today tutorial you will learn how to install Kali Linux using the ISO image, you can follow this method if:

  1. The ready image didn’t work for you for any reason.
  2. You want to install Kali inside another virtualisation solution for which there are not ready images.
  3. Install it as a main real machine.



[Video] Creating fake software update and hacking windows 8 using Wi-fEye

In this video , you’ll see how easy it is to create a fake software update and hack windows 8 using Wi-fEye.


Wi-fEye will create a back door (or you can use your own) , then it will start Evilgrade server and DNS-spoof all requests to update the target software to our machine where we have Evilgrade running , Evilgrade will send the back door to the target machine instead of sending an update , once the machine receives the update file it will run it and execute our back door :)


[Video] Session Hijacking using Cookie Cadger

We all know that we can sniff passwords in our networks easily even if its sent over HTTPS (ie: SSL encrypted) , the problem is  most of users these days save their passwords in their favourite website (the “keep me logged in feature”) , when you do this the website authenticates the users using their cookies not using their password , this means the password is not sent over the network and therefore we can’t sniff it , instead we can sniff the user’s cookies and inject it into our browser.

In the past I used to use a tool called Hamster , however this tool is outdated now and the download link on its official website is broken , the one in backtrack keeps crashing and doesn’t always work.

Another famous tool to do this is a firefox plugin called firesheep , again its old and there is no official release for linux.

Cookie Cadger is a great program written in java , its very easy to use and best of all , it always works , every time I run a test it works perfectly.

To run Cookie Cadger you will need Wireshark , Java 7 and a new version of Firefox.


PS: you can use sslstrip with this attack to downgrade HTTPS connections to HTTP