
Keegan Kuhn | Advanced Penetration Testing | Module 4 - Information Gathering

By: Keegan Kuhn | Related Course: Advanced Penetration Testing | Published: January 14, 2017 | Modified: January 18, 2017

dns

nslookup:

set type=mx means to set the query type to mail server (MX)

set type=ns means to set the query type to name server (NS)

whois, dig and host also work well.

host:

-t is type, such as ns or mx

-l for domain/zone transfer, then domain, then nameserver

 


info gath i

theharvester

maltego

shodan.io

netcraft.com


nmap

You can send requests through nc

-sS is a half-open (unfinished) SYN scan. It starts a TCP connection but does not complete the handshake. Some call it a stealth scan.

-sT is TCP Connect.

-sU is UDP, harder to detect, much slower

These should be able to bypass filters {

-sN (Null scan) sets no TCP flag bits

-sF (FIN Scan) sends just the TCP FIN bit

-sX (Xmas Scan) sets FIN, PSH, and URG flags, lighting up the packet like a Christmas Tree.

}

-v Verbose

-A Enables OS Detection

-sV Version Scan
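
From the defender's side, the Null, FIN and Xmas probes listed above are recognizable by their TCP flag byte alone. The following is an added example, not part of the original notes: it parses raw TCP headers and reports sources that sent one of these probe types to several ports. The sample packets, addresses, function names and the `min_ports` threshold are constructed assumptions.

```python
import struct
from collections import defaultdict

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

# Flag sets that do not occur in normal TCP traffic: every segment after the
# initial SYN carries ACK, so these combinations are probe signatures.
PROBES = {0: "null (-sN)", FIN: "fin (-sF)", FIN | PSH | URG: "xmas (-sX)"}


def tcp_header(sport, dport, flags):
    """Build a minimal 20-byte TCP header (constructed sample input)."""
    # Byte 12 holds the data offset (5 words) in its high nibble; byte 13 the flags.
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)


def classify(header):
    """Return (dst_port, label) for one raw TCP header; label is None if unremarkable."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    _sport, dport, _seq, _ack, _off, flags = struct.unpack("!HHIIBB", header[:14])
    # A lone SYN is not labelled: one packet cannot separate -sS/-sT from a normal client.
    return dport, PROBES.get(flags & 0x3F)  # mask out the ECE/CWR bits


def scan_sources(packets, min_ports=3):
    """packets: iterable of (src_ip, raw_tcp_header). Returns {src: {label: ports}}
    for sources that sent one probe type to at least min_ports distinct ports."""
    seen = defaultdict(lambda: defaultdict(set))
    for src, header in packets:
        dport, label = classify(header)
        if label:
            seen[src][label].add(dport)
    report = {}
    for src, labels in seen.items():
        hits = {lbl: sorted(p) for lbl, p in labels.items() if len(p) >= min_ports}
        if hits:
            report[src] = hits
    return report


# Constructed capture: one host sending Xmas probes, one ordinary client session.
SAMPLE = [("192.0.2.10", tcp_header(40000, p, FIN | PSH | URG)) for p in (22, 80, 443)]
SAMPLE += [("192.0.2.20", tcp_header(51000, 443, SYN)),
           ("192.0.2.20", tcp_header(51000, 443, ACK)),
           ("192.0.2.20", tcp_header(51000, 443, FIN | ACK))]

if __name__ == "__main__":
    print(scan_sources(SAMPLE))
```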


recon

recon-ng

show modules

use [module]

set source [src]

run

exit

exit

 

exploit-db.com/ghdb

