Information Gathering
Nixawk
Intelligence Gathering Phase
├─1.Network Analysis
│ ├─1.IP Analysis
│ ├─2.Whois Analysis
│ ├─3.DNS Analysis
│ ├─4.Identify Live Hosts
│ ├─5.Network Scanners
│ ├─6.Network Traffic Analysis
│ ├─7.OS Fingerprinting
│
Original · 2014-04-21 09:46:44 · 1091 views · 0 comments
nmap -- [nse - scripts] - http-title
root@gnu:~/nmap/scripts# nmap -Pn -sS -p 80 --script /home/offensive/nmap/script/http-title.nse www.baidu.com
Starting Nmap 6.47 ( http://nmap.org ) at 2014-10-08 22:44 EDT
Nmap scan report for www.baidu.com (119.75.217.56)
Host is up (0.0047s latency).
O
Original · 2014-10-09 14:09:09 · 4105 views · 0 comments
hacking svn
root@gnu:~# svn co http://example.com/.svn/ theora
svn: Repository moved permanently to 'http://example.com/.svn/'; please relocate
root@gnu:~# svn co http://example.com/svn:
Original · 2014-10-19 14:26:58 · 920 views · 0 comments
CapTipper
CapTipper is a python tool to analyze, explore and revive HTTP malicious traffic. CapTipper sets up a web server that acts exactly as the server in the PCAP file, and contains internal tools, with a
Original · 2015-01-31 14:56:40 · 2009 views · 0 comments
Google - Domains
[+] brute dns domain tld: google.ac :173.194.127.243
[+] brute dns domain tld: google.ad :173.194.127.151
[+] brute dns domain tld: google.af :173.194.127.80
[+] brute dns doma
Original · 2014-12-27 16:47:51 · 1665 views · 0 comments
nmap -- write a nmap script
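Vulnerability Scanning -- Writing Nmap Scripts
In December 2006, Nmap 4.21 ALPHA1 added the scripting engine and made it part of the mainline code. The NSE script library now has more than 400 scripts covering a wide range of network mechanisms (from SMB vulnerability detection to Stuxnet detection, and everything in between). NSE's power comes from its strong function libraries, which make it very easy to interact with mainstream network services and protocols.
Original · 2014-09-30 23:24:24 · 4909 views · 0 comments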
keybase
Install Keybase
Keybase is a website, but it’s also an open source command line program. Let’s walk through a terminal example, which illustrates what Keybase does. All of this can be embedded into othe
Original · 2015-04-27 20:24:58 · 1966 views · 0 comments
python - scapy - arpscanner
How to get an internal target's MAC address:
1. Send an ARP request
2. Receive an ARP response, and parse it.
With scapy (a powerful packet tool or library), we can create an ARP scanner for mac addres
Original · 2015-05-23 00:32:24 · 1555 views · 0 comments
python - scapy - dns sniffer / poisoning
How to parse DNS requests and responses? Scapy is a powerful tool, and it can help us with the DNS details.
#!/usr/bin/env python
# -*- coding: utf8 -*-
"""execute demo py with root privilege, and finish double
Original · 2015-05-23 11:38:09 · 8968 views · 0 comments
Lab - Hackademic -RTB2
Description
Hackademic RTB2 is the second edition of the Hackademic vulnerable virtual machine. The first challenge is described here.
Installation
Hackademic RTB2 can be downloaded from the following places:
ht
Original · 2015-07-12 11:34:25 · 3889 views · 0 comments
Basic Linux Privilege Escalation
Before starting, I would like to point out - I’m no expert. As far as I know, there isn’t a “magic” answer, in this huge area. This is simply my finding, typed up, to be shared (my starting point). Bel
Repost · 2014-08-27 20:01:10 · 1613 views · 0 comments
pentest - masscan-web-ui
Here’s a quick guide to get started:
Install and set up your web server, copy over the MASSCAN web-ui files:
root@kali:~# apt-get install apache2 php5 php5-mysql mysql-server
root@kali:~# git clone http
Repost · 2016-02-02 01:27:10 · 1787 views · 0 comments
How to scan whole Internet 3.7 billion IP addresses in few minutes?
Cyber security audit and ethical hacking training professionals normally use scanners to scan networks. Scanning every IP address on the internet isn’t an easy job, and if you don’t have the resour
Repost · 2016-09-12 18:13:49 · 601 views · 0 comments
nmap -- module 'openssl' not found
offensive@security:~/nmap_nse$ nmap -p 80,443 --script /home/offensive/nmap_nse/http-vuln-check_openssl.nse 192.168.1.105
Starting Nmap 6.47 ( http://nmap.org ) at 2014-09-30 04:33 EDT
NSE: Failed to
Original · 2014-09-30 17:02:19 · 3888 views · 1 comment
sslscan
information gathering -- SSL
Original · 2014-09-29 09:41:27 · 2593 views · 0 comments
Extracting Metadata From Files
root@gnu:~# exiftool 123.doc
ExifTool Version Number : 8.60
File Name : 123.doc
Directory : .
File Size : 131 kB
File Mo
Repost · 2014-07-21 16:43:46 · 1286 views · 0 comments
nmap -- [ip-geolocation-maxmind]
The ip-location-maxmind plugin helps nmap obtain geo information for an IP.
Official documentation: http://nmap.org/nsedoc/scripts/ip-geolocation-maxmind.html
Database: http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.g
Original · 2014-07-27 16:43:56 · 1155 views · 0 comments
dnsrecon reconnaissance
http://pentestlab.wordpress.com/tag/dnsrecon/
Standard Record Enumeration
Original · 2014-07-19 23:12:14 · 4121 views · 0 comments
http version scan
An introduction to how nmap and metasploit obtain the http versionxi
Original · 2014-07-28 11:53:28 · 1346 views · 0 comments
metasploit + dns_bruteforce
The auxiliary/gather/dns_bruteforce module can be used to guess jie
Original · 2014-07-28 17:27:28 · 1205 views · 0 comments
scapy rdpcap
[ASCII-art banner]
Original · 2014-08-13 12:23:12 · 8953 views · 0 comments
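linux - /var/log log files
If you spend a lot of time in Linux environments, it is essential to know where the log files are and what each one contains. While your system is running normally, take some time to learn about the log files; this helps you discover when something has gone wrong with the system and what exactly the problem is.
Original · 2014-08-27 00:24:07 · 1405 views · 0 comments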
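Country codes and dialing codes of the world
Countries and Regions | Country or region | International domain abbreviation | Phone code | Time difference | Postal code | Place-name code [localized] | Common mailing address
Angola | 安哥拉 | AO | 244 | -7 | 999104 | AGL
Afghanistan
Original · 2014-08-27 01:00:42 · 1089698 views · 0 comments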
Pentest Lab - flick
http://vulnhub.com/entry/flick-1,99/
http://blog.techorganic.com/2014/08/14/flick-hacking-challenge/
Original · 2014-08-18 16:44:30 · 2010 views · 0 comments
scapy document
Scapy v2.1.1-dev documentation » Usage
Starting Scapy
Scapy’s interactive shell is run in a terminal session. Root privileges are needed to
Original · 2014-08-12 23:15:49 · 3676 views · 0 comments
NTP - UDP 123
Recommended link: NTP reflection attack
Original · 2014-09-03 23:39:08 · 8142 views · 1 comment
Compile zmap in Mac OSX
The quickest way to install zmap on Mac OSX is:
$ brew install zmap
But it may fail sometimes, e.g.:
$ time zmap -o icmpscan.csv --probe-module icmp_echoscan --whitelist-file=wh.txt
Mar 09 12:23:26.57
Original · 2017-03-09 13:34:42 · 1033 views · 0 comments