Posts

Showing posts from December, 2020

Nmap cheat sheet PDF

NMAP PDF cheat sheet:-

CEH V9 GUIDE

  BOOK LINK:-

nslookup

nslookup command in Linux with Examples

Difficulty Level: Expert. Last Updated: 24 May, 2019

Nslookup (stands for "Name Server Lookup") is a useful command for getting information from a DNS server. It is a network administration tool for querying the Domain Name System (DNS) to obtain a domain name or IP address mapping, or any other specific DNS record. It is also used to troubleshoot DNS-related problems.

Syntax: nslookup [option]

Options of nslookup command: nslookup google.com

SPARTA

SPARTA is a Python-based graphical user interface tool used in the scanning and enumeration phase of information gathering. It is a toolkit that collects several useful information-gathering tools. It is used for many purposes; a few of them are listed below.

- It is used to export Nmap output to an XML file.
- It is used to automate running the Nikto tool against every HTTP service or any other service.
- It is used to save the scans of hosts you have scanned earlier in order to save time.
- It is used to reuse a password which is already found and is not present in the wordlist.

To use SPARTA, enter the IP address of the host you want to scan in the host section to start scanning.

Bulk-Extractor

Bulk-Extractor is a tool to be used when you have to extract features like e-mail addresses, URLs, and confidential document numbers from files. This tool is used for intrusion investigations, malware investigations, identity investigations, or any other kind of cyber investigation. Its ability to work with compressed or corrupt files makes it a great tool for handling those files. It works on disk images, files, or a directory of files and finds the useful information.

To use Bulk-Extractor, enter the following command in the terminal:

bulk_extractor

Fern wifi cracker

Fern wifi cracker is used when we want a graphical user interface to crack wifi passwords. Fern is a widely used wifi hacking tool written in the Python programming language using the Python Qt GUI library. The tool can be used against wireless networks as well as Ethernet networks. Fern comes packed with many features; a few of them are listed below.

- Used in WEP cracking.
- It could perform dictionary attacks for WPA/WPA2/WPS with ease.
- It provides an automatic access point attack system.
- May be used to do session hijacking.

To use Fern wifi cracker, enter the following command in the terminal:

fern-wifi-cracker

Reaver

Reaver is a handy and effective package for carrying out a brute-force attack against Wi-Fi Protected Setup (WPS) registrar PINs to recover WPA/WPA2 passphrases. It is described as a robust and practical attack against WPS, and it has been tested against a wide variety of access points and WPS implementations. Today, hacking WPA/WPA2 is an exceptionally tedious job: a dictionary attack could take days and still not succeed. On average, Reaver will take 4-10 hours to recover the target AP's plain text WPA/WPA2 passphrase, depending on the AP. Generally, it takes around half of this time to guess the correct WPS PIN and recover the passphrase.

To use Reaver, enter the following command in the terminal:

reaver

Armitage

Armitage is a tool that visualizes targets, recommends exploits, and exposes the exploitation features in the framework. Armitage is basically a scriptable red team collaboration tool for the Metasploit framework; in other words, it is a GUI version of the Metasploit framework. It contains many tools that are used for creating security workspaces for vulnerability testing and penetration testing systems. Being a GUI-based package, it is a good alternative to Metasploit.

To use Armitage, enter the following command in the terminal:

armitage

BeEF

BeEF, or Browser Exploitation Framework, is a penetration testing tool that runs in the web browser. It allows a professional penetration tester to assess the actual security posture of a target environment using client-side attack vectors. This tool mainly focuses on the web browser. It hooks web browsers in order to use them as a base or launchpad to attack the system and to execute malicious code and payloads.

To use BeEF, enter the following command in the terminal:

beef-xss

Social Engineering Toolkit

Social Engineering Toolkit is a collection of tools that could be used to perform social engineering attacks. These tools use and manipulate human behavior for information gathering. It is even a great tool for phishing websites.

To use Social Engineering Toolkit:

- Social Engineering Toolkit comes pre-installed with Kali Linux.
- Just type "setoolkit" in the terminal.
- Agree to the terms and conditions to start using the Social Engineering Toolkit.

Autopsy

Autopsy is a digital forensics tool that is used to gather forensic information. In other words, this tool is used to investigate files or logs to learn what exactly was done with the system. It could even be used as recovery software to recover files from a memory card or a pen drive.

To use the autopsy tool:

- Autopsy comes pre-installed in Kali Linux.
- Just type "autopsy" in the terminal.
- Now visit http://localhost:9999/autopsy in order to use the tool.

sqlmap

sqlmap is one of the best tools to perform SQL injection attacks. It automates the process of testing a parameter for SQL injection and even automates the exploitation of the vulnerable parameter. It is a great tool because it detects the database on its own, so we just have to provide a URL to check whether the parameter in the URL is vulnerable or not; we could even use a request file to check POST parameters.

To use the sqlmap tool:

- sqlmap comes pre-installed in Kali Linux.
- Just type sqlmap in the terminal to use the tool.

John the Ripper

John the Ripper is a great tool for cracking passwords using some famous brute-force attacks such as a dictionary attack or a custom wordlist attack. It is even used to crack the hashes or passwords of zipped or compressed files, and of locked files as well. It has many available options to crack hashes or passwords.

To use John the Ripper:

- John the Ripper comes pre-installed in Kali Linux.
- Just type "john" in the terminal to use the tool.

Netcat

Netcat is a networking tool used to work with ports and to perform actions like port scanning, port listening, or port redirection. This command is even used for network debugging or network daemon testing. This tool is considered the Swiss army knife of networking tools. It could even be used to perform operations related to TCP, UDP, or UNIX-domain sockets, or to open remote connections, and much more.

To use netcat:

- Netcat comes pre-installed with Kali Linux.
- Just type "nc" or "netcat" in the terminal to use the tool.
- To perform port listening, type the following commands in 2 different terminals:

nc -l -p 1234
nc 127.0.0.1 1234

Read this for more information regarding the netcat tool.

aircrack-ng

Aircrack is an all-in-one packet sniffer, WEP and WPA/WPA2 cracker, analysis tool, and hash-capturing tool. It is a tool used for wifi hacking. It helps in capturing packets and reading the hashes out of them, and even in cracking those hashes with various attacks such as dictionary attacks. It supports almost all the latest wireless interfaces.

To use aircrack-ng:

- aircrack-ng comes pre-compiled with Kali Linux.
- Simply type aircrack-ng in the terminal to use it.

metasploit Framework

Metasploit is an open-source tool that was designed by Rapid7 technologies. It is one of the world's most used penetration testing frameworks. It comes packed with a lot of exploits for vulnerabilities in networks or operating systems. Metasploit generally works over a local network, but we can use Metasploit for hosts over the internet using "port forwarding". Metasploit is basically a CLI-based tool, but it even has a GUI package called "armitage" which makes the use of Metasploit more convenient and feasible.

To use metasploit:

- Metasploit comes pre-installed with Kali Linux.
- Just enter "msfconsole" in the terminal.

Wireshark

Wireshark is a network security tool used to analyze or work with data sent over a network. It is used to analyze the packets transmitted over a network. These packets may carry information like the source IP and the destination IP, the protocol used, the data, and some headers. Captured packets are generally stored in files with the ".pcap" extension, which can be read using the Wireshark tool. Read this to learn how to set up and configure Wireshark.

To use wireshark:

- Open Wireshark and download a demo pcap file from here.
- Press "Ctrl+O" to open a pcap file in Wireshark.
- Now it can be seen that it displays the list of packets along with the headers of these packets.

Nmap

Nmap is an open-source network scanner that is used to recon/scan networks. It is used to discover hosts, ports, and services along with their versions over a network. It sends packets to the host and then analyzes the responses in order to produce the desired results. It could even be used for host discovery, operating system detection, or scanning for open ports. It is one of the most popular reconnaissance tools.

To use nmap:

- Ping the host with the ping command to get the IP address:

ping hostname

- Open the terminal and enter the following command there:

nmap -sV ipaddress

- Replace ipaddress with the IP address of the host you want to scan.
- It will display all the captured details of the host.

To know more, you can read more from here.

Parrot os VS Kali Linux


Parrot os iso download link

Download page:-

Telegram windows

Download:-

rufus 3.1.4

DOWNLOAD:-

DOS ATTACK (xerxes tool)

 

NS lookup methods

 

Nikto usage

 

Setting Up Kali in Virtualbox

 

Ethical Hacking Interview Questions - 2020

Q1) Explain about Ethical Hacking?

Ethical hacking is when an individual is allowed to hack systems, with the permission of the product owner, to find weaknesses in a system and later fix them.

Q2) What is IP address and MAC address?

IP address: An IP address is assigned to every device so that the device can be located on the network.

MAC (Machine Access Control) address: A MAC address is the unique serial number assigned to every network interface on every device.

Q3) List out some of the common tools used by ethical hackers?

- MetaSploit
- WireShark
- NMAP
- John The Ripper
- Maltego

Q4) What are the types of ethical hackers?

The types of ethical hackers:

- Grey Box hackers
- Black Box penetration testers
- White Box penetration testers

Q5) What is footprinting in ethical hacking? What are the techniques used for footprinting?

Footprinting refers to accumulating and uncovering as much information as possible about the target network before gainin

CLI KALI CHEAT_SHEET


Kali linux OVA file download link

link to download page