随笔分类 - 艺术
摘要:Bash scripting techniques BASH SCRIPTING I/O I/O - File vs. terminal vs. network Input from a terminal read -p "Enter your name:" name; echo "Hi," $na
阅读全文
摘要:Bash Scripting Basics COMMENTS Help you remember what you were thinking All comments start with the '#' character Anything after '#' is ignored by the
阅读全文
摘要:Using scripting in pen testing SCRIPTING FOR PENETRATION TESTING Why bother with scripts? Automate mundane/repetitive tasks Faster Less error prone Re
阅读全文
摘要:Other Pen Testing Tools MISCELLANEOUS TOOLS Tool Notes URL Searchploit Search tool for exploit database https://www.exploit-db.com/searchsploit/ Power
阅读全文
摘要:Analyzers and Mobile Pen Testing Tools NETWORKING AND MOBILE TOOLS Tool Notes URL Wireshark Packet sniffer/protocol analyzer https://www.wireshark.org
阅读全文
摘要:Remote Access Tools Tool Notes URL SSH Secure shell Included or available in most OSs NCAT Similar to nc, but from Nmap developers https://nmap.org/nc
阅读全文
摘要:Wireless and Web Pen Testing Tool WIRELESS TOOLS Tool Notes URL Aircrack-NG Monitoring, attacking, testing, cracking https://www.aircrack-ng.org/ Kism
阅读全文
摘要:Open-Source Research Tools OPEN SOURCE INTELLIGENCE (OSINT) TOOLS Tool Notes URL Whois Domain details (contacts, name servers, etc.) https://whois.ica
阅读全文
摘要:Code cracking tools Debuggers Tool Notes URL OLLYDBG Windows 32-bit http://www.ollydbg.de/ Immunity debugger Write exploits, analyze malware, and reve
阅读全文
摘要:Scanners and credential tools Scanners Tool Notes URL Nikto Web server vulnerability scanner https://github.com/sullo/nikto OpenVAS(Open Vulnerability
阅读全文
摘要:Using Kali Linux Kali Tools Listings https://tools.kali.org/tools-listing QUICK REVIEW Kali Linux is only one open-source Linux distribution targeted
阅读全文
摘要:Pen Testing Toobox RECONNAISSANCE For reconnaissance, use: Nmap Whois Nslooup Theharvester Shodan Recon-NG Censys Aircrack-NG Kismet WiFite SET Wiresh
阅读全文
摘要:Nmap Scoping and Output Options NMAP nmap(Network Mapper) One of the most common and most useful tools for reconnaissance nmap -A does much of what we
阅读全文
摘要:Persistence and Stealth PERSISTENCE Scheduled jobs Cron or Task Manager Scheduled Task Same as above Daemons Background processes or services Back doo
阅读全文
摘要:Post-exploitation Techniques POST-EXPLOITATION TECHNIQUES What to do once you're in Make it easier next time Lateral movement RPC/DCOM (Remote Procedu
阅读全文
摘要:Physical Security PHYICAL SECURITY RELATED TO FACILITIES Piggybacking/tailgating - unauthorized person following an authorized person through a physic
阅读全文
摘要:Miscellaneous Local Host Vulnerabilities LOCAL HOST VULNERABILITIES Default account settings - disable accounts that are not being used. Sandbox escap
阅读全文
摘要:Miscellaneous privilege escalation EXPLOITABLE SERVICES Unquoted service paths Allow abbreviated attack paths(without spaces) PRIVILEGE ESCALATION Uns
阅读全文
摘要:Privilege Escalation(Windows) WINDOWS-SPECIFIC PRIVILEGE ESCALATION Cpassword - Group Policy Preference attribute that contains passwords SYSVOL folde
阅读全文
摘要:Privilege Escalation(Linux) Linux user ID is 'root'. LINUX-SPECIFIC PRIVILEGE ESCALATION SUID/SGID programs Permission to execute a program as executa
阅读全文
浙公网安备 33010602011771号