Advanced Penetration Testing Notes

metasploit

www.rapid7.com [view]

By: dbmc06 | Related Lesson: Metasploit (part 3) Operation | Modified: September 11, 2016

Using Metasploit Modules

open source edition: (written in Ruby) cd /usr/share/metasploit-framework/modules Creating a metasploit that detects sys vulnerability www.exploit-db.com/exploits/7132/       [view]

By: dbmc06 | Related Lesson: Metasploit (part 2) Fundamentals | Modified: September 11, 2016

mv command

mv -> move mv é usado para mover, porém pode ser usado também para renomear  exemplo mv arquivo arquivo1 o arquivo será renomeado. [view]

By: danielcosta | Related Lesson: Linux (part 3) - Directories, myfile and Nano | Modified: September 10, 2016

XSS

Use IE turn off protective mode xss filter is disable   [view]

By: dm41278 | Related Lesson: WebApp (part 5) Cross Site Scripting XSS | Modified: September 10, 2016

sql injection

put ’ at the end 1=1 — tool sqlmap -u injection point –dump os-shell   [view]

By: dm41278 | Related Lesson: WebApp (part 3) SQL Injection | Modified: September 10, 2016

web app testing manually

burpsuit proxy   [view]

By: dm41278 | Related Lesson: WebApp (part 2) Vulnerable Web Applications | Modified: September 10, 2016

Pivoting

route add 172.16.233.0 25 use scanner/portscan/tcp bind shell to route   [view]

By: dm41278 | Related Lesson: Post Exploitation (part 3) Pivoting | Modified: September 10, 2016

post

pass the hash set smbpass as the hash sshexec Token Impre load incognito impersonate_token Username       [view]

By: dm41278 | Related Lesson: Post Exploitation (part 2) Exploit Development | Modified: September 10, 2016

Post-Expliot-1

use post/windows/gather/enum_logged_on_users need a active sessions UAC use exploit/windows/local/bypassuac linux cd /usr/share/exploitdb/ lsb_release udevadm –version   [view]

By: dm41278 | Related Lesson: Post Exploitation (part 1) File Transfer without and Interactive Shell | Modified: September 10, 2016

avoid anti-virus

hyperion wine ../hyperion.exe ../payload.exe name valeevasion   [view]

By: dm41278 | Related Lesson: Advanced Exploitation (part 5) Bypassing Antivirus Software | Modified: September 10, 2016

« First ‹ Previous 1 113 203 211 212 213 214 215 223 243 Next › Last »

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel