pentest.md

trainings, tutors, interesting links

• http://www.mh-sec.de/downloads.html.en
• https://itsecurity.org/cybersecurity-domains-mind-map/

OS

• whonix
• tails os
• Kodachi
• Qube OS
• Parrot

change mac address

# list of devices
iw dev

# sudo apt-get install macchanger
macchanger -s wlp1s0
sudo ifconfig wlp1s0 down
# ip link set wlp1s0 down
sudo macchanger -r wlp1s0
sudo ifconfig wlp1s0 up
macchanger -s wlp1s0

list of all accessible wifi points

# force rescan 
nmcli device wifi rescan
# all points
nmcli device wifi
# all fields 
nmcli -f ALL device wifi
# all fields with using in script 
nmcli -t -f ALL device wifi
nmcli -m multiline  -f ALL device wifi

# alternative way 
iwlist wlan0 scan 

# alternative way
iw wlan0 scan

# alternative way
sudo apt install wavemon

connect to selected network

# install tool
apt-get install wireless-tools wpasupplicant
# save password
wpa_passphrase YourSSID >> /etc/wpa_supplicant.conf

# check adapter
iwconfig
# connect to netowrk
wpa_supplicant -D wext -i wlan0 -B -c /etc/wpa_supplicant.conf

# sudo systemctl restart wpa_supplicant

check your current IP address

curl --proxy localhost:8118 'https://api.ipify.org'
curl 'https://api.ipify.org'
curl --silent -X GET https://getfoxyproxy.org/geoip/ | grep -A 2 "Your IP Address and Location" | awk -F "strong" '{print $2 $4}' | tr '><' ' '

activate tor connection

• installation

sudo apt install tor
sudo apt install privoxy

• configuration sudo vim /etc/privoxy/config

forward-socks5t / 127.0.0.1:9050 .
forward-socks4a / 127.0.0.1:9050 .

• applying

# tor
sudo service tor restart
# /etc/init.d/privoxy start
sudo service privoxy restart

• check your ip afterwards

# via TOR 
curl --proxy localhost:8118 'https://api.ipify.org'
# direct connect
curl 'https://api.ipify.org'

• stop, stop tor, stop private proxy

systemctl stop tor
systemctl status tor

systemctl stop privoxy
systemctl status privoxy

proxy

proxy list tools

https://github.com/cherkavi/python-utilitites/blob/master/proxy/foxyproxy-generator.py
https://addons.mozilla.org/de/firefox/addon/foxyproxy-standard/

my ip

curl 'https://api.ipify.org'
curl 'https://api.ipify.org?format=json'

scan ports

nmap -sV -p 1-65535 {hostname}

web scan

nikto -h {host name}

cms detector

https://www.web4future.com/free/cms-detector.htm
https://whatcms.org
https://builtwith.com

detect endpoints

[2ip.ru/cms](find cms)

/rotots.txt
/admin.php
/admin
/admin/admin.php
/manager
/administrator
/login

GSM

phone info

HLR request

sms

sms receive sms receive

e-mail

• temp e-mail address

for changing manually - Cookies->https://temp-mail.org->email

• https://tempail.com/
• https://www.guerrillamail.com/
• https://www.emailondeck.com/
• https://mail.tm

files

• send files
• upload/download files

zip -r archive.zip folder/to/compress
mv archive.zip archive.pdf
vim archive.pdf # "%PDF-1.5"
curl -i -F name=some-archive.pdf -F [email protected] https://uguu.se/api.php?d=upload | grep "uguu.se"
wget https://a.uguu.se/1JQuulht48T6_1571004483891-2.pdf

wifi

initiate monitor mode on interface

ifconfig 
# ( result - wlan0 )
airmon-ng check kill
airmon-ng check 
# ( should be empty )
airmon-ng start wlan0 
# ( result - wlan0mon )
airodump-ng wlan0mon 
# ( result - BSSID )
reaver -i wlan0mon -b <BSSID> -vv -K 1

md5sum, hash

https://hashkiller.co.uk/Cracker/MD5
https://md5decrypt.net
https://www.md5.ovh/index.php?controller=Api
https://crackstation.net/