Advanced Penetration Testing Notes

Part 3

(Part 3: SQL Injection) On Firefox browser, go to 192.168.1.23/bookservice/deafult.aspx (Windows 7 IP), click on any book under ”Top Bestsellers”, notice the ”id=2”, this suggests usage of a database On Firefox broswer, go to [view]

By: GrapeApe561 | Related Lesson: WebApp (part 3) SQL Injection | Modified: March 25, 2018

apache

netstat -antp service apache2 start service apache2 stop /etc/network/interfaces service networking restart nc -lvp 1234 -e /bin/bin.. l for listen p for port nc for netcat cat /etc/shadow or /etc/passwd   [view]

By: Musaid | Related Lesson: Linux (part 5) IP Addressing and netcat | Modified: March 25, 2018

Nmap

Si me i perdor skriptat per Nmap cd /usr/nmap/scripts [view]

By: armendukmata | Related Lesson: Vulnerability Scanning (part 3) Nmap Scripting Engine | Modified: March 25, 2018

Nessus

service nessusd start in web 127.0.0.1:8834 Nessus home eshte free kurse pro me pagese. Nessus home ka kufizime. shkojme Policies > New policies zgjedh ne liste  shembull Credential Patch Audit ose Basic Network Scan. zgjedhim advanced mode dhe s [view]

By: armendukmata | Related Lesson: Vulnerability Scanning (part 2) Nessus | Modified: March 25, 2018

netstat

netstat – [view]

By: doublehelix | Related Lesson: Linux (part 4) chmod, manipulation and packages | Modified: March 25, 2018

information gathering

1. whois 2. nslookup 3. fierce -dns 4. host -t  5.zonetransfer: host -l   [view]

By: chennylmf | Related Lesson: Information Gathering (part 3) Targeting Email and Maltego | Modified: March 24, 2018

part 2

  (Part 2: Vulnerable Web Applications)   192.168.1.23/bookservice (Windows 7 apps)   burpsuite   java burpsuite.jar   locate burpesuite   On Applications, go to Kali Linux, go to Web Applications, go to Web Application Proxies, click burpsuite [view]

By: GrapeApe561 | Related Lesson: WebApp (part 2) Vulnerable Web Applications | Modified: March 24, 2018

cut

cat file | cut -d ” ” -f 1 sort -u [view]

By: Musaid | Related Lesson: Linux (part 4) chmod, manipulation and packages | Modified: March 24, 2018

arp spoof

arpspoof -i eth0 -t 192.168.1.76 192.168.1.80 [view]

By: amine.atarboulaich | Related Lesson: Traffic Capture (part 3) Address Resolution Protocol ARP | Modified: March 22, 2018

vul scan web app

mysql  -h 192.168.1.76 http://192.168.1.76 cadaver http://192.168.1.76/webdav dirbuster nikto -h http://localhodt   [view]

By: amine.atarboulaich | Related Lesson: Vulnerability Scanning (part 5) WebApp, XAMPP, WEBDAV, nikto | Modified: March 22, 2018

« First ‹ Previous 1 9 10 11 12 13 21 111 243 Next › Last »

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel