metasploit - Security Awareness

Security Cheat Sheets for Penetration Testing

Security cheat sheets for Penetration Testing by sniferl4bs. This cheat sheet is especially for penetration testers/CTF participants/security enthusiasts. Download and Extract Command: wget https://github.com/Snifer/security-cheatsheets/archive/master.zip unzip master.zip Contents: aircrack-ng airport burp cewl cidr cookies dig fierce ftp golismero hping http https-ssl-tls hydra john maltego markdown medusa metasploit msfvenom mysql ncat nessus nikto Read more…

By root, 7 yearsOctober 12, 2018 ago

Tools

Sn1per – scan for vulnerabilities (Best)

ABOUT: Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. DEMO VIDEO FEATURES: Automatically collects basic recon (ie. whois, ping, DNS, etc.) Automatically launches Google hacking queries against a target domain Automatically enumerates open ports via NMap port scanning Read more…

By root, 7 yearsSeptember 16, 2018 ago

Using Nessus and Metasploit

Introduction to Nessus Nessus is a vulnerability scanning and analysis software from tenable, a leading information security services company, known as “the world’s most popular vulnerability scanner, used by more than 75,000 organizations worldwide.” Although the scanner is available for free download, the cost of direct ordering is $ 1,200 Read more…

By root, 7 yearsSeptember 14, 2018 ago

Linux Tricks

SAM database (Dumping and Cracking the local user accounts)

SAM database (Dumping and Cracking the local user accounts) Let’s talk about the hash crack through post / hashdump and john (john the ripper) of the Metasploit module. Once the meterpreter shell is injected and driven into the target pc, the shell connection is maintained. Get meterpreter session 2. Privilege Read more…

By root, 7 yearsSeptember 7, 2018 ago

Tutorials

Metasploit Command List

The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its best-known sub-project is the open source[2] Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include Read more…

By root, 7 yearsAugust 10, 2018 ago

Tricks

Microsoft Windows LNK CVE-2017-8464 Remote Code Execution Vulnerability

Bypass Antivirus & Exploit Windows Using PowerShell Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Affected Version Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Read more…

By root, 7 yearsAugust 2, 2018 ago

Tools

Web Vulnerability Scan ( Metasploit )

Web Vulnerability Scan (WMAP) Introduce The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its best-known sub-project is the open source[2] Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Read more…

By root, 7 yearsJuly 5, 2018 ago

News

WannaCry Ransomware Is On Windows 10 Now !

Security researchers are still busy developing fixes for the Wannacry ransomware. Well, Windows was affected massively across the world. Researchers at RiskSense have successfully managed to port the WannaCry exploit to infect Windows 10 as well. The world has just faced a huge ransomware attack. Wannacry Ransomware attack already hit Read more…

By root, 7 yearsMay 26, 2018 ago

Tricks

Exploit Windows Machine (MS-17-10)

Exploit Windows Machine Shadow Brokers shocked the world once again leaked a confidential document, which contains a number of beautifully Windows remote exploits that can cover a large number of Windows servers, Windows servers almost all across the board overnight exposure to risk. What is MS-17-10? Remote code execution Read more…

By root, 7 yearsMay 13, 2018 ago

Tutorials

Web vulnerability scanning modules in Metasploit

Web vulnerability scanning modules in Metasploit Information gathering web server scanning module Module auxiliary/scanner/http/http_version Module auxiliary/scanner/http/open_proxy Module auxiliary/scanner/http/robots_txt Module auxiliary/scanner/http/frontpage_login Module auxiliary/admin/http/tomcat_administration Module auxiliary/admin/http/tomcat_utf8_traversal Module auxiliary/scanner/http/options Module auxiliary/scanner/http/drupal_views_user_enum Module auxiliary/scanner/http/scraper Module auxiliary/scanner/http/svn_scanner Module auxiliary/scanner/http/trace Module auxiliary/scanner/http/vhost_scanner Module auxiliary/scanner/http/webdav_internal_ip Module auxiliary/scanner/http/webdav_scanner Module auxiliary/scanner/http/webdav_website_content File directory scan module Module auxiliary/dos/http/apache_range_dos Read more…

By root, 7 yearsMarch 28, 2018 ago