
PART 01: WebApp Penetration Testing

Burp Suite. Target: This tool allows you to visualize your target application’s contents in a folder hierarchy that corresponds to the site’s URL structure. This section shows all of the content that has been covered so far by manually browsing the site’s pages. Proxy: This is the main engine of Burp, which allows it … Read more

SMB Enumeration – Useful tools (eJPT)

Enum4Linux. enum4linux -a target-ip: Do everything; runs all options apart from dictionary-based share name guessing. Extract OS information. enum4linux -s shares.txt target-ip: Perform a dictionary attack if the server doesn’t let you retrieve a share list. enum4linux -i target-ip: Pull information about printers known to the remote device. Lists usernames, if the server allows … Read more

SMB Enumeration – SMBMap

SMBMap allows users to enumerate Samba share drives across an entire domain. It can list share drives, drive permissions, share contents, upload/download functionality, file name auto-download pattern matching, and even execute remote commands. This tool was designed with pen testing in mind, and is intended to simplify searching for potentially sensitive data across large networks. Link to … Read more

PowerShell 101 – for PenTesters

PowerShell is the Windows scripting language and shell environment, built on the .NET framework. Most PowerShell commands, called cmdlets, are written in .NET. The normal format of a cmdlet is Verb-Noun. For example, the cmdlet to list commands is called Get-Command and the cmdlet to get help is Get-Help, e.g. Get-Help Command-Name. Somewhat object-oriented – which makes it convenient … Read more

Stabilize a simple reverse shell to a fully interactive terminal

A netcat reverse shell is pretty useless and can be easily broken by simple mistakes. These shells are very unstable by default. Pressing Ctrl + C kills the whole thing. They are non-interactive, and often have strange formatting errors. This is due to netcat “shells” really being processes running inside a terminal, rather than being bona fide terminals … Read more

OWASP 10 – Broken Authentication

Authentication and session management constitute core components of modern web applications. Authentication allows users to gain access to web applications by verifying their identities. The most common form of authentication is a username and password mechanism. A user enters these credentials and the server verifies them. If they are correct, the server would … Read more

OWASP 10 – OS Command Injection

Command injection occurs when server-side code (like PHP) in a web application makes a system call on the hosting machine. It is a web vulnerability that allows an attacker to take advantage of that system call to execute operating system commands on the server. Sometimes this won’t end in something malicious, like a whoami or just … Read more