https://github.com/Ara2104/Sn1per
Basic checks
pip install --upgrade pip
Showing posts with label essential_kali_programs. Show all posts
Showing posts with label essential_kali_programs. Show all posts
Saturday, November 3, 2018
Sunday, October 28, 2018
Scanning SSL Kali Linux
sslscan website
heartbeat vulnerability
Another tool that performs a thorough sweep and analyzes the SSL/TLS configurations of a target service is SSLyze. To perform the majority of the basic tests in SSLyze, arguments should include the target server and the --regular argument. This includes tests for SSLv2, SSLv3, TLSv1, renegotiation, resumption, certificate information, HTTP GET response status codes, and compression support as follows:
root@KaliLinux:~# sslyze google.com --regular
heartbeat vulnerability
Another tool that performs a thorough sweep and analyzes the SSL/TLS configurations of a target service is SSLyze. To perform the majority of the basic tests in SSLyze, arguments should include the target server and the --regular argument. This includes tests for SSLv2, SSLv3, TLSv1, renegotiation, resumption, certificate information, HTTP GET response status codes, and compression support as follows:
root@KaliLinux:~# sslyze google.com --regular
Efficient technique using BurpSuite when spidering - Kali Linux
Proxy
Add the site to the scope
Spider tab - Options - application login - automatically submit these credentials
admin' or 1=1 --
password - NONE-blank
---
Target tab - activate spider
Target - site map tab
engagement tool - discover content -
click session is not running button
brute force attack running
Add the site to the scope
Spider tab - Options - application login - automatically submit these credentials
admin' or 1=1 --
password - NONE-blank
---
Target tab - activate spider
Target - site map tab
engagement tool - discover content -
click session is not running button
brute force attack running
wafw00f website - web application firewall attack commands
wafw00f website
WafW00f is a very useful Python script, capable of detecting the web application firewall (WAF). This tool is particularly useful when a penetration tester wants to inspect the target application server, and might get a fallback with certain vulnerability assessment techniques, for which the web application is actively protected by a firewall. Therefore, detecting the firewall sitting in between the application server and the Internet traffic not only improves a testing strategy, but also presents exceptional challenges for the penetration tester to develop advanced evasion techniques.
WafW00f is a very useful Python script, capable of detecting the web application firewall (WAF). This tool is particularly useful when a penetration tester wants to inspect the target application server, and might get a fallback with certain vulnerability assessment techniques, for which the web application is actively protected by a firewall. Therefore, detecting the firewall sitting in between the application server and the Internet traffic not only improves a testing strategy, but also presents exceptional challenges for the penetration tester to develop advanced evasion techniques.
Thursday, October 25, 2018
Activate tor and proxychains on your Kali Linux
apt-get install tor
leafpad /etc/proxychains.conf
disable strict_chain adding a pound sign
Enable the Dynamic_chain - deleting the pound before the concept
Add the socks5 at the end
socks4 127.0.0.1 9050
socks5 127.0.0.1 9050
service tor start
to verify - service tor status
iceweasel ww.whatismyip.com
Activating Proxychains
proxychains iceweasel ww.whatismyip.com
leafpad /etc/proxychains.conf
disable strict_chain adding a pound sign
Enable the Dynamic_chain - deleting the pound before the concept
Add the socks5 at the end
socks4 127.0.0.1 9050
socks5 127.0.0.1 9050
service tor start
to verify - service tor status
iceweasel ww.whatismyip.com
Activating Proxychains
proxychains iceweasel ww.whatismyip.com
Configuring SSH on Kali Linux
cd /etc/ssh
mkdir keys_backup_ssh
mv ssh_host_* keys_backup_ssh
dpkg-reconfigure openssh-server
service ssh start
service ssh stop
netstat -antp
liste where?
mkdir keys_backup_ssh
mv ssh_host_* keys_backup_ssh
dpkg-reconfigure openssh-server
service ssh start
service ssh stop
netstat -antp
liste where?
Essential programs on Kali Linux - Penetration test - kit
apt-get install preload
Using preload to Speed up Linux
apt-get install bleachbit
total privacy cleaner
advance - wiping free space
apt-get install bum
system performance
disable unnecessary services
apt-get install gnome-do
execute key app using keyboard
apt-get install apt-file
command search apt - allow reading apt file
apt-get install scrub
security deleting program - complain
apt-get install shutter
captures images from your desktop
apt-get install figlet
console looks professianal
leafpad /root/.bashrc
write your personal message at the end
Using preload to Speed up Linux
total privacy cleaner
advance - wiping free space
apt-get install bum
system performance
disable unnecessary services
apt-get install gnome-do
execute key app using keyboard
apt-get install apt-file
command search apt - allow reading apt file
apt-get install scrub
security deleting program - complain
apt-get install shutter
captures images from your desktop
apt-get install figlet
console looks professianal
leafpad /root/.bashrc
write your personal message at the end
Subscribe to:
Posts (Atom)
The Nexus of Policy and Technology: An Expert Report on Allegations of Political Bias in Gmail's Spam Filtering
Executive Summary: The Nexus of Policy and Technology The Federal Trade Commission (FTC) has initiated a new wave of regulatory scrutiny a...
-
Summarization of hundreds of comments on Reddit. Ineffective Service: The users explicitly states, "Confirmed that it doesn't w...
-
Based on a review of the provided Privacy Policy , here are some potential legal implications and issues that should be addressed: Scope a...