Thursday, February 28, 2013

Use NMAP as an Information gathering tool

Usually we use NMAP as a port scanner to find the open ports of a web server, but with the help of this tool we can also gather information about the victim using NMAP scripts. In this tutorial we use NMAP to gather information.

(1) Use NMAP to determine I.P. Address of victim:- NMAP includes two scripts in its database.

nmap --script ip-geolocation-* host-name

As we can see, it shows the co-ordinates & location of our target.

(2) Use NMAP as Whois Tool:- Following...

Tuesday, February 26, 2013

How to Bypass Filters Against Traversal Attacks?

Bypassing Filter to Traversal Attacks

If your initial attempts to perform a traversal attack, as described previously, are unsuccessful, this does not mean that the application is not vulnerable. Many application developers are aware of path traversal vulnerabilities and implement various kinds of input validation checks in an attempt to prevent them. However, those defenses are often flawed and can be bypassed by a skilled attacker. The first type of input filter commonly encountered involves checking whether the filename parameter contains any path...

Saturday, February 23, 2013

Path traversal vulnerabilities Tutorial

Path traversal vulnerabilities arise when user-controllable data is used by the application to access files and directories on the application server or other back-end file system in an unsafe way. By submitting crafted input, an attacker exploiting path traversal may be able to cause arbitrary content to be read from, or written to, anywhere on the file system being accessed. This often enables an attacker to read sensitive information from the server, or overwrite sensitive files, leading ultimately to arbitrary command execution on the server. Consider...

Friday, February 8, 2013

How to get windows passwords in plain text?

Windows Credentials Editor (WCE) is a security tool that allows you to list Windows logon sessions and add, change, list and delete associated credentials (e.g.: LM/NT hashes, Kerberos tickets and cleartext passwords).

The tool allows users to:
- Perform Pass-the-Hash on Windows
- 'Steal' NTLM credentials from memory (with and without code injection)
- 'Steal' Kerberos Tickets from Windows machines
- Use the 'stolen' Kerberos Tickets on other Windows or Unix machines to gain access to systems and services
- Dump cleartext passwords stored by Windows...

Monday, February 4, 2013

Pentbox installation & use:-

PenTBox is a Security Suite that packs security and stability testing oriented tools for networks and systems. Programmed in Ruby and oriented to GNU/Linux systems, but compatible with Windows, MacOS and every system where Ruby works.

Main Features:-
- Cryptography tools
  Base64 Encoder & Decoder
  Multi-Digest (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160)
  Hash Password Cracker (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160)
  Secure Password Generator
-...

Sunday, February 3, 2013

Metasploit Post Exploitation Methods

(A) Hide File in victim's P.C:- After successfully getting a meterpreter session you can hide any file in the victim's P.C. Type the following attribute.

attrib +h +r +s drivename:/Foldername

For example, if you want to hide a folder named “songs” in the F drive, then just type the following commands in your terminal.

shell
attrib +h +r +s F:/songs

To unhide the file:

attrib -h -r -s F:/songs

(B) Get passwords of remote windows P.C:- After getting a meterpreter session, type the ps command; it will display a list of running processes. Now we should migrate meterpreter session to any running process...

Friday, February 1, 2013

How to install & use Recon-ng?

Recon-ng is a true framework whose interface is modeled after the very popular and powerful Metasploit Framework. Complete with independent modules, database interaction, built in convenience functions, interactive help, and command completion, Recon-ng provides a powerful environment in which open source web-based reconnaissance can be conducted quickly...