
Good info web sites

1. SANS Penetration Testing
https://pen-testing.sans.org/blog/pen-testing


2. Dan McInerney pentest Scripts

https://github.com/DanMcInerney

3. The search engine for Webcams
Shodan is the world's first search engine for Internet-connected devices
From <https://www.shodan.io/>

4. Internet Security and Data Mining
From <https://www.netcraft.com/>

5. How Penetration Testers Use Google Hacking
From <https://www.alienvault.com/blogs/security-essentials/how-pen-testers-use-google-hacking>

6. http://codebazaar.blogspot.com/2011/06/introduction-to-metasploit-and-armitage.html







  • The training slides are available here 








  • The exercises sheet is available here








  • Metasploitable - http://blog.metasploit.com/2010/05/introducing-metasploitable.html 


  • Here are some interesting resources for further reading:

    Further Resources

    The following resources were mentioned throughout these lectures:
    7. OSCP Prep
    https://www.reddit.com/r/oscp/
    Syllabus

    8. Penetration Testing Tools Cheat Sheet

    9. https://theartofhacking.org/guide/

    10. Pentest Steps
    Phase 1 | Reconnaissance
    Reconnaissance is the act of gathering preliminary data or intelligence on your target. The data is gathered in order to better plan for your attack. Reconnaissance can be performed actively (meaning that you are directly touching the target) or passively (meaning that your recon is being performed through an intermediary).
    Phase 2 | Scanning
    The phase of scanning requires the application of technical tools to gather further intelligence on your target, but in this case, the intel being sought is more commonly about the systems that they have in place. A good example would be the use of a vulnerability scanner on a target network.
    Phase 3 | Gaining Access
    Gaining access requires taking control of one or more network devices in order to either extract data from the target or use that device to launch attacks on other targets.
    Phase 4 | Maintaining Access
    Maintaining access requires taking the steps needed to remain persistently within the target environment in order to gather as much data as possible. The attacker must remain stealthy in this phase, so as not to get caught while using the host environment.
    Phase 5 | Covering Tracks
    The final phase, covering tracks, simply means that the attacker must take the steps necessary to remove all semblance of detection. Any changes that were made, authorizations that were escalated, etc. must all return to a state of non-recognition by the host network’s administrators.

    11.  Webgoat 8 solutions
    a) https://www.youtube.com/watch?v=9VOB34pcnY0&list=PLrHVSJmDPvlqxCfBhPuksHdpViPyeZTsF&index=14

    12. Hacking and security: OSCP - Windows Privilege Escalation
