Advanced Penetration Testing Notes

offline password

John the Ripper can be used for offline password cracking. We can crack Win 7 NTLM hashes: john --format=nt windowshashes.txt (passwd hashes from win) --wordlist=passwords.txt (password file)

By: dvmenon | Related Lesson: Passwords (part 3) Offline Password Attacks | Modified: October 31, 2017

Exploit Dev - GNU Compiler/GDB debugging

gdb is a debugging program. Can set breakpoints to view the status of an executable in memory at that point in time. To view memory at a point in time (at a breakpoint):
(gdb) x/FMT ADDRESS
Type "help x" for examine help.

By: Ryno23 | Related Lesson: Exploit Development (part 4) GNU Compilers | Modified: October 30, 2017

Password Crack

Offline password attacks
John the Ripper (John)
john windowshashes.txt – brute force
john --format=nt windowshashes.txt --wordlist=password.txt

By: wiseone45 | Related Lesson: Passwords (part 3) Offline Password Attacks | Modified: October 30, 2017

Information Gathering: Port Scanning

nmap Port scanning utility
nmap -sS <target IP> – SYN Scan
nmap -sU <target IP> – UDP Scan
nmap -sV <target IP> – Version Scan based on the responses.
zervit Portable HTTP server.
NetCat TCP/IP Swiss Army Knife

By: andyandyandy | Related Lesson: Information Gathering (part 5) NMAP and PortScanning | Modified: October 30, 2017

Exploitation (part 4) Open Source

This section just explains using the vulnerabilities you’ve found that may exist; you search for them in Metasploit and find the correct exploit.

By: codygray34 | Related Lesson: Exploitation (part 4) Open Source Vulnerability | Modified: October 30, 2017

Exploitation (part 3) Directory Traversal

../../../../../boot.ini
../WINDOWS/system32
^all these directory traversals are exploiting a vulnerability on port 3232 for this example
../WINDOWS/repair/system
../xampp/FileZillaFtp/FileZilla Server.xml
^these are just downloading files that c

By: codygray34 | Related Lesson: Exploitation (part 3) Directory Traversal | Modified: October 30, 2017

Information Gathering

recon-ng (CLI tool) Web reconnaissance framework for gathering information with built-in modules.
Google Dorks Information on the Google Hacking Database. Hosted on exploitdb and has categories for building searches.

By: andyandyandy | Related Lesson: Information Gathering (part 4) recon-ng and google operators | Modified: October 30, 2017

Information Gathering: E-mail

theharvester scans through search engines for e-mail addresses
theharvester -d <domain>
www.netcraft.com Site information analysis including DNS, Site components (PHP, etc), Site server, etc.
Maltego (GUI Tool) Requires registration. Transform

By: andyandyandy | Related Lesson: Information Gathering (part 3) Targeting Email and Maltego | Modified: October 30, 2017

Information Gathering: DNS

whois – find out domain registration information.
dig – look up DNS records
nslookup – look up DNS records
host – look up DNS records, initiate host transfer
host -t ns zonetransfer.me – look up the name servers of domain
host -l z

By: andyandyandy | Related Lesson: Information Gathering (part 2) Domain Name Services | Modified: October 30, 2017

cprogram.c

#include <stdio.h>

int main(int argc, char *argv[])
{
    /* Require one command-line argument: the name to greet. */
    if (argc < 2) {
        printf("%s\n", "Pass your name as an argument");
        return -1;
    } else {
        printf("Hello %s\n", argv[1]);
        return 0;
    }
}

By: colejv | Related Lesson: Programming (part 5) Python Import Command | Modified: October 29, 2017
