Nmap Cheatsheet
nmap (“Network Mapper”) is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine to scan single hosts. nmap uses raw IP...
Category: Information Gathering
PENTEST-WIKI: free online security knowledge library for pentesters/researchers
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others. Contents Contents Network Analysis IP Whois DNS Identify Live Hosts IDS/IPS...
Penetration Testing SQL server
Penetration Testing SQL server SQL Server is a relational database management system from Microsoft, which is used as a central location to save and obtain data needed for applications. It uses Structured Query Language...
Intelligence Gathering – Penetration Testing
Intelligence Gathering Prior to an attack, the penetration tester should know as much as possible about the target environment and the characteristics of the system. The more targeted information the penetration tester finds, the...
Detect Antivirus Software on victim machine without user interaction
On your penetration testing, not all payload is a full undetected payload, so if you want to bypass antivirus software, you will need to identify what antivirus software that is installed on your victim...
HostRecon: powershell information gathering tool
Invoke-HostRecon Invoke-HostRecon runs a number of checks on a system to help provide situational awareness to a penetration tester during the reconnaissance phase of an engagement. It gathers information about the local system, users,...
Shodanwave – Netwave IP Camera
Shodanwave Shodanwave is a tool for exploring and obtaining information from cameras specifically Netwave IP Camera. The tool uses a search engine called shodan that makes it easy to search for cameras online. What...
Vanquish: perform multiple active information gathering phases
Vanquish is a Kali Linux based Enumeration Orchestrator built in Python. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases. The results of each phase are fed into...
Penetration Testing MySQL server
Penetration Testing MySQL server MySQL is an open source Relational Database Management System (RDBMS). MySQL is widely used and a popular alternative to other SQL solutions because it is open source and can be...
Nscan: Fast internet-wide scanner
Nscan is a fast Network scanner optimized for internet-wide scanning purposes and inspired by Masscan and Zmap. It has it’s own tiny TCP/IP stack and uses Raw sockets to send TCP SYN probes. It...
NBTSCAN: scanning IP networks for NetBIOS name information
As part of penetration testing is often necessary to search for something interesting in the network, especially if we are in the segment of workstations. For example search for specific workstation users who hold positions...
Ports scanning using Metasploit
On your penetration testing, finding ports and services is important. In the real world, I exploited some systems by identifying open ports and try to attack this port. This articles, I am going to...
Top 3 Search Engine for Penetration Tester
Here I will introduce the three Web vulnerability search engine. ShodanShodan, the official definition of himself Computer Search Engine (Computer Resource Search Engine), is American man John Matherly spent nearly 10 years to build...
Viproy Voip Pen-Test Kit for Metasploit Framework
Viproy VoIP Pen-Test Kit provides penetration testing modules for VoIP networks. It’s developed for security testing of VoIP and Unified Communications services. Viproy has Skinny, SIP and MSRP libraries to develop custom security tests,...
Passively scan targets using Nmap via Shodan
shodan-hq-nse is an nmap nse script to query the Shodan API and passively get information about hosts. Installation Usage You can set your Shodan API key in the shodan-hq.nse file itself to save you having to type...
