
PenTest: Burp Suite

Burp Suite is a framework written in Java that aims to provide a one-stop-shop for web application penetration testing. Burp Suite is also very commonly used when assessing mobile applications, as the same features which make it so attractive for web app testing translate almost perfectly into testing the APIs (Application Programming Interfaces) powering most mobile apps. … Read more

PenTest: Locating directories using GoBuster

Using a fast directory discovery tool called GoBuster you will locate a directory that you can use to upload a shell to. To install: sudo apt-get install gobuster. GoBuster is a tool used to brute-force URIs (directories and files), DNS subdomains and virtual host names. For this machine, we will focus on using it to brute-force directories. … Read more

PenTesting – Enumerating file shares and exploiting FTPs

Enumerating SAMBA for shares: Samba is the standard Windows interoperability suite of programs for Linux and Unix. It allows end users to access and use files, printers and other commonly shared resources on a company's intranet or internet. It's often referred to as a network file system. Samba is based on the common client/server protocol of Server … Read more

PenTest Tools: Hydra

Hydra is a brute force online password cracking program; a quick system login password ‘hacking’ tool. Hydra has the ability to bruteforce the following protocols: Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-POST, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTPS-POST, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, … Read more

Cyber Security – Red Team

Rules of Engagement

Section Name: Section Details
Executive Summary: Overarching summary of all contents and authorization within RoE document
Purpose: Defines why the RoE document is used
References: Any references used throughout the RoE document (HIPAA, ISO, etc.)
Scope: Statement of the agreement to restrictions and guidelines
Definitions: Definitions of technical terms used throughout the RoE document
Rules of Engagement and Support Agreement: Defines … Read more

Digital Forensics and Investigations

Most used common passwords: https://www.ncsc.gov.uk/blog-post/passwords-passwords-everywhere
Chain of Custody form: https://www.nist.gov/document/sample-chain-custody-formdocx
pdfinfo – you can install it using sudo apt install poppler-utils
There are many online and offline tools to read the EXIF data from images. One command-line tool is exiftool. ExifTool is used to read and write metadata in various file types, such as JPEG images. (The AttackBox … Read more

Cyber Kill Chain

According to Lockheed Martin, the Cyber Kill Chain has seven steps: Recon: Recon, short for reconnaissance, refers to the step where the attacker tries to learn as much as possible about the target. Information such as the types of servers, operating system, IP addresses, names of users, and email addresses, can help the attack’s success. Weaponization: … Read more

OWASP: A01:2021 – Broken Access Control

Access control enforces policy such that users cannot act outside of their intended permissions. Failures typically lead to unauthorized information disclosure, modification, or destruction of all data or performing a business function outside the user’s limits. Broken access control means that an attacker can access information or perform actions not intended for them. Common access … Read more

OWASP Top 10

A01:2021-Broken Access Control moves up from the fifth position to the category with the most serious web application security risk; the contributed data indicates that on average, 3.81% of applications tested had one or more Common Weakness Enumerations (CWEs) with more than 318k occurrences of CWEs in this risk category. The 34 CWEs mapped to Broken … Read more