Security Cheat Sheets for Penetration Testing

Security cheat sheets for Penetration Testing by sniferl4bs. This cheat sheet is especially for penetration testers/CTF participants/security enthusiasts. Download and Extract Command: wget https://github.com/Snifer/security-cheatsheets/archive/master.zip unzip master.zip Contents: aircrack-ng airport burp cewl cidr cookies dig fierce ftp golismero hping http https-ssl-tls hydra john maltego markdown medusa metasploit msfvenom mysql ncat nessus nikto Read more…

Loading

Using Nessus and Metasploit

Introduction to Nessus Nessus is a vulnerability scanning and analysis software from tenable, a leading information security services company, known as “the world’s most popular vulnerability scanner, used by more than 75,000 organizations worldwide.” Although the scanner is available for free download, the cost of direct ordering is $ 1,200 Read more…

Loading

Metasploit Command List

  The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its best-known sub-project is the open source[2] Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include Read more…

Loading

Tools Category

Web Vulnerability Scan ( Metasploit )

Web Vulnerability Scan (WMAP) Introduce The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its best-known sub-project is the open source[2] Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Read more…

Loading

Exploit Windows Machine (MS-17-10)

Exploit Windows Machine   Shadow Brokers shocked the world once again leaked a confidential document, which contains a number of beautifully Windows remote exploits that can cover a large number of Windows servers, Windows servers almost all across the board overnight exposure to risk. What is MS-17-10? Remote code execution Read more…

Loading

Web vulnerability scanning modules in Metasploit

Web vulnerability scanning modules in Metasploit   Information gathering web server scanning module Module auxiliary/scanner/http/http_version Module auxiliary/scanner/http/open_proxy Module auxiliary/scanner/http/robots_txt Module auxiliary/scanner/http/frontpage_login Module auxiliary/admin/http/tomcat_administration Module auxiliary/admin/http/tomcat_utf8_traversal Module auxiliary/scanner/http/options Module auxiliary/scanner/http/drupal_views_user_enum Module auxiliary/scanner/http/scraper Module auxiliary/scanner/http/svn_scanner Module auxiliary/scanner/http/trace Module auxiliary/scanner/http/vhost_scanner Module auxiliary/scanner/http/webdav_internal_ip Module auxiliary/scanner/http/webdav_scanner Module auxiliary/scanner/http/webdav_website_content   File directory scan module Module auxiliary/dos/http/apache_range_dos Read more…

Loading