Learn Cybersecurity

  Apache Tomcat Upload Exploitation (Step-by-Step Guide) 🎥 Watch the demonstration here : https://youtu.be/P8nlsRdKzT8 If you’re diving into web exploitation or pentesting Apache Tomcat servers, upload-based exploitation is one of the key techniques to understand. This method targets weak configurations where Tomcat allows file uploads (such as WAR files) that can be executed on the server—leading to Remote Code Execution (RCE) . In this blog post, we’ll walk through Apache Tomcat Upload Exploitation with clear steps and explanations. Whether you're learning ethical hacking or creating educational content, this walkthrough is a practical hands-on example. 🔧 Requirements Kali Linux or any attacker machine Apache Tomcat server (target) Valid Tomcat credentials (default or stolen) Metasploit (optional, but useful) ✅ Step 1: Access the Tomcat Manager Panel Tomcat’s web interface usually runs on: http://<target-ip>:8180/manager/html If credentials are know...

  How to Discover Vulnerable Samba Shares with Metasploit  Before you dive into the attack you have to be vulnerable so if you use Kali linux you have to disable your filewall as below.  🔥 Using UFW (Uncomplicated Firewall) Check if UFW is installed and active:                               sudo ufw status                               To disable the firewall:                               sudo ufw disable      To make sure it doesn’t auto-start on boot (optional):                sudo systemctl disable ufw   🔥 Using iptables To flush (clear) all rules and effectively disable the firewall:            ...

 Change your Android phone IP Randomly  This is only education purpose so do not use the technique for any harmful Activities.   Step 1: Confirm Root Access Before anything else, make sure your phone is properly rooted or not. It must be rooted. Install a root checker app from the Play Store (e.g. Root Checker ) Verify you have superuser access. Step 2: Install Orbot (Tor Proxy) Download Orbot from the official Tor Project site -https://www.torproject.org/download/ or the Play Store. Open Orbot Grant root access when prompted by SuperSU/Magisk Step 3: Enable Transparent Proxy (Root Mode) This is what enables system-wide Tor routing: Launch Orbot Tap the Settings icon Scroll down to "Transparent Proxying" Enable: "Tor Everything" "Enable Transparent Proxying"   "Request Root Access" This routes all traffic through Tor – including apps that don’t support proxies or VPNs.   📱 Step 4: (Opt...

  Dive Into Ethical Hacking with Metasploit: A Beginner’s Guide by Learn Cybersecurity BD. Are you ready to dive into the world of ethical hacking and discover how real cybersecurity professionals uncover system vulnerabilities before real attackers do ? Then you need to understand the power of the Metasploit Framework — one of the most essential and widely used tools in cybersecurity. 💡 What Is Metasploit and Why Is It So Important? Metasploit is a powerful open-source framework that allows ethical hackers and security professionals to simulate real-world cyberattacks in a safe, controlled environment. It’s a must-have tool for penetration testing, vulnerability scanning, and security research. Whether you're scanning systems with Nmap , exploiting a misconfigured service, or performing post-exploitation with Meterpreter , Metasploit unifies all these tools into a single robust platform. What is Metasploit? Metasploit Framework is a powerful penetration testing...

  Wireshark Basics for security and analysis.   Wireshark is a powerful and widely-used network protocol analyzer that captures and displays data packets flowing through a network in real time. It allows cybersecurity professionals, system administrators, and developers to see what's happening at a micro level in their network. Originally developed as Ethereal, Wireshark supports hundreds of protocols and runs on Windows, macOS, and Linux. Its graphical interface makes it user-friendly, while also offering advanced features for filtering, coloring, and reconstructing TCP sessions. Wireshark captures raw packet data from network interfaces, which can then be analyzed for troubleshooting, performance tuning, or detecting malicious activity. What sets Wireshark apart is its deep packet inspection —it decodes protocol layers, giving insight into everything from HTTP headers to SSL handshakes. Whether you're monitoring DNS traffic, investigating suspicious packets, or debuggin...