Tools Hacking
-
Upload
dann-lunliie -
Category
Technology
-
view
250 -
download
2
description
Transcript of Tools Hacking
![Page 1: Tools Hacking](https://reader034.fdocuments.us/reader034/viewer/2022042521/55756cafd8b42a2e248b4dd8/html5/thumbnails/1.jpg)
Introduction To ToolBox Pentest
Dwi Septian Wardana putra
KOLAM – Komunitas Linux Arek Malang
![Page 2: Tools Hacking](https://reader034.fdocuments.us/reader034/viewer/2022042521/55756cafd8b42a2e248b4dd8/html5/thumbnails/2.jpg)
ToolBox
You want to know nearly all your toolbox
dpkg list
You want to know if a specific tool is installed
dpkg –list | grep <tool name>
![Page 4: Tools Hacking](https://reader034.fdocuments.us/reader034/viewer/2022042521/55756cafd8b42a2e248b4dd8/html5/thumbnails/4.jpg)
Information Gathering
Pre pentest, Important Phase
Gathering All Information
# Internet Searches
# Social Engineering
# Hping
# Fierce
![Page 5: Tools Hacking](https://reader034.fdocuments.us/reader034/viewer/2022042521/55756cafd8b42a2e248b4dd8/html5/thumbnails/5.jpg)
ToolBox
Fierce ToolBox:
Scanning DNS
Zone transfer
Config Check DNS
# /pentest/enumeration/dns/fierce
# /fierce.pl –dns <www.target.com>
![Page 7: Tools Hacking](https://reader034.fdocuments.us/reader034/viewer/2022042521/55756cafd8b42a2e248b4dd8/html5/thumbnails/7.jpg)
Recon Scanning
Recon Tools :
Nslookup
Whois
Enum Tools / Network Scanner :
Nmap
Netcraft
Etc
Vulnerability Tools :
Nessus
Nikto
Etc
![Page 8: Tools Hacking](https://reader034.fdocuments.us/reader034/viewer/2022042521/55756cafd8b42a2e248b4dd8/html5/thumbnails/8.jpg)
ToolBox
Nmap ToolBox is :
Free and Open Source
Cross platform
Simple to use
Nmap : http://www.nmap.org
Command : nmap p <ipaddr>
![Page 10: Tools Hacking](https://reader034.fdocuments.us/reader034/viewer/2022042521/55756cafd8b42a2e248b4dd8/html5/thumbnails/10.jpg)
ToolBox
Vulnerability Assessment Nikto :
Web Server Scanner
http://cirt.net/nikto2
/pentest/scanners/nikto
./nikto.pl host <websiteip>:<port>
![Page 11: Tools Hacking](https://reader034.fdocuments.us/reader034/viewer/2022042521/55756cafd8b42a2e248b4dd8/html5/thumbnails/11.jpg)
Nessus
Vulnerability Assessment :
Install
# dpkg i *.deb
# /opt/nessus/sbin/nessusadduser
# Reg : http://www.nessus.org/plugins/?view=registerinfo
# Start Nessus : /etc/init.d/nessusd start
https://localhost:8834
![Page 13: Tools Hacking](https://reader034.fdocuments.us/reader034/viewer/2022042521/55756cafd8b42a2e248b4dd8/html5/thumbnails/13.jpg)
Gain
Gain Access Point of a modernday attack
The usual goal is to either extract information
Gain Tools :
Metasploit
SET (Social Eng Toolkit)
Etc..
![Page 15: Tools Hacking](https://reader034.fdocuments.us/reader034/viewer/2022042521/55756cafd8b42a2e248b4dd8/html5/thumbnails/15.jpg)
ToolBox
ToolBox Metasploit Interfaces :
# MSFconsole
# MSFcli
# MSFgui, MSFweb
# Armitage