Advanced Penetration Testing Notes

traffic cap - analyze network protocol

captures traffic on network; turn off promiscuous mode; go to cli and connect to networks or ping or ftp and capture traffic; convert hex? ftp credentials will be sent in plain text in packets

By: Nathanf | Related Lesson: Traffic Capture (part 2) Analyzing Network Protocol with Wireshark | Modified: November 8, 2016

directory traversal

manual testing. directory traversal allows you to move out of the webserver directory to access other parts of the file system. netcat a port -> show options -> then you can do things like use the verify option to verify a user account exists

By: Nathanf | Related Lesson: Vulnerability Scanning (part 6) Directory Transversals | Modified: November 8, 2016

vuln scan part 5

xampp might have webdav on it; you can talk to webdav via cadaver; if it asks for credentials look them up on google; there's a metasploit for that; webdav is used to upload files. section2: check xampp for url/phpmyadmin on web servers. Tool1: dirbuster

By: Nathanf | Related Lesson: Vulnerability Scanning (part 5) WebApp, XAMPP, WEBDAV, nikto | Modified: November 8, 2016

Metasploit vuln scanning

service postgresql start; service metasploit start 1) use auxiliary/scanner/ftp/anonymous 2) show options 3) set RHOSTS (options) can use gnmap cat of file to grep ex: cat classscan.gnmap | grep Up | cut -d " " -f 2 | sort -u > live hos

By: Nathanf | Related Lesson: Vulnerability Scanning (part 4) Metasploit | Modified: November 8, 2016

NMAP scripting Engine

nmap --script-help = show help options for categories; ex: nmap --script-help smb-check-vulns; directory for nmap scripts = /usr/share/nmap/scripts; some nmap scripts can bring down a service. 1) nmap -sC 'ip' 'ip'

By: Nathanf | Related Lesson: Vulnerability Scanning (part 3) Nmap Scripting Engine | Modified: November 8, 2016

vul scanner

do manual analysis, verify results. nessus: service nessusd start = to start nessus apache server. nessus port is 8834. ms-0867

By: Nathanf | Related Lesson: Vulnerability Scanning (part 2) Nessus | Modified: November 7, 2016

mod5 port scanning

Part 5 NMAP and Port Scanning. netcat: nc 'ip' 'port' = will check if port is open; nc -v 'ip' 'port' = verbosely; man nmap OR nmap.org = reference; nmap 'scan-type' 'host/ip' -

By: Nathanf | Related Lesson: Information Gathering (part 5) NMAP and PortScanning | Modified: November 7, 2016

FOR Loop

for i in `seq 1 254`; do ping $ip.$i; done

By: M@nikandan | Related Lesson: Programming (part 3) Network Pings | Modified: November 6, 2016

11

SSL = Secure Socket Layer

By: UD4N | Related Lesson: Traffic Capture (part 5) ettercap | Modified: November 2, 2016

1

Wireshark

By: UD4N | Related Lesson: Traffic Capture (part 2) Analyzing Network Protocol with Wireshark | Modified: November 1, 2016
