Advanced Penetration Testing Notes

android app

turning an Android app into a backdoor using SPF agent

By: sirrush | Related Lesson: SPF (part 3) Turning an Android App into a SPF Agent | Modified: August 7, 2017

attach to smartphone based

attach to a phone using an Android simulator; can upload to a webserver and have the phone DL the app and install

By: sirrush | Related Lesson: SPF (part 2) Attach to Smartphone Based Apps | Modified: August 7, 2017

SPF

smartphone pentesting

By: sirrush | Related Lesson: SPF Introduction (part 1) | Modified: August 7, 2017

Structured

structured exception handler overwrite – how Windows deals with errors in a program; use !mona to find an SEH to find a series of registers; SafeExceptionHandler

By: sirrush | Related Lesson: Exploit Development (part 14) Structured Exception Handler Over-Write | Modified: August 7, 2017

Information Gathering (part 5) NMAP

TCP Scan – nmap -sS IP_Address -p port
UDP Scan – nmap -sU IP_Address -p port
Version Scan – nmap -sV IP_Address
nmap -sV -p port IP_Address

By: yog_sat | Related Lesson: Information Gathering (part 5) NMAP and PortScanning | Modified: August 7, 2017

Information Gathering (part 4) recon-ng

Tools: recon-ng in Kali. It's similar to Metasploit. Google dorks – Google Hack for Searching. Google searching technique by which you can find more details. It's managed by ExploitDB currently.

By: yog_sat | Related Lesson: Information Gathering (part 4) recon-ng and google operators | Modified: August 7, 2017

Info Gathering - Domain

whois domainname
whois bulbsecurity.com
whois georgiaweidman.com
nslookup or host command to get more information about domain and subdomain
nslookup www.bulbsecurity.com
*Find mail servers
nslookup
>set type=MX
>bulbsecurity.com
*Find DNS serv

By: yog_sat | Related Lesson: Information Gathering (part 2) Domain Name Services | Modified: August 7, 2017

making MSF exploit

making an exploit into Metasploit vuln; MSF uses Ruby; used a Ruby exploit in the same protocol, TFTP, as a base/skeleton


fuzzing

fuzzing: like error-based testing to find a vulnerability. TFTP is UDP, so stateless/connectionless. you want to set up a loop where it adds a length, say 50/100 bytes per loop

By: sirrush | Related Lesson: Exploit Development (part 11) Fuzzing | Modified: August 6, 2017

shellcode

using msfvenom to create shellcode: msfvenom -p windows/shell_bind_tcp -b '\x00\x0a\x0d\x40' (set the port above 10000 to evade FW; can also use reverse tcp). if shellcode is not the same size as needed then you must pad it a bit. buf += appends the b

By: sirrush | Related Lesson: Exploit Development (part 10) Creating Shell Code in Kali Linux | Modified: August 6, 2017
