< All Advanced Penetration Testing Notes

ralleshouse | Advanced Penetration Testing | Module 5 - Vulnerability Discovery/Scanning

By: ralleshouse | Related Course: Advanced Penetration Testing | Published: September 20, 2016 | Modified: September 20, 2016
Join Cybrary

Notepadvuln discovery metasploit

service postgresql start 

service metasploit start

  • use aux/scanner/ftp/anonymous
  • save to a file and then grep./sort u
  • set RHOSTS file:/root/livehosts.txt (where the ipaddresses were saved
  • use exploit/windows/smb/ms08_067_netapi
  • set options then run a check

Notepadvuln scanning

look up the app on google and find directory traversal

netcat to port 25 and verivy users

VRFY username  (220 means success)


Notepadvuln scanning - Nessus


  • service nessusd start
  • or

Notepadvuln scanning nmap

cd /usr/share/nmap/scripts

nmap –script-help default

nmap –script-help smb-check-vulns

nmap -sC -oA scriptouput

nmap –script=nfs-ls 




  • requires authentication
  • look up credentials on google for the version

dirbuster (directory buster)

Nikto –h (like nessus)


< All Advanced Penetration Testing Notes
Join Cybrary

Our Revolution

We believe Cyber Security training should accessible for everyone, everywhere. Everyone deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is the world's largest community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?