Skip to content
/ pen_testing_tools_and_docs Public

An ongoing list and notes as I continue to learn pen testing and work towards becoming a certified ethical hacker

2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

joecodecreations/pen_testing_tools_and_docs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
README.md
README.md
 
 
kali-network-monitor-mode.md
kali-network-monitor-mode.md
 
 
scanning.md
scanning.md
 
 

Repository files navigation

Penetration Testing Documents and Tools

Methodology

Reconnaissance --> scanning --> Exploitation --> Post Exploitation ( maintaining Access / Cleaning Tracks (BH Only) )

Websites

Google Dorking

site:domain.com search google on a specific domain

allintitle:index of keywords that are all in the title

inurl:admin words in the url

cache:domain.com search cache pages only for data

filetype:pdf limit search to filetype only.

Attack Operating Systems

  • blackbuntu
  • Kali
  • NodeZero
  • Pentoo
  • SamuraiWTF
  • Backtrack

Victim Operating Systems

Tools

DNS

  • nslookup --> server <ip address> --> type all
  • dig@<ipaddress> -t AXFR
  • fierce -dns codecreations.net

Data Extraction

metagoofil

run metagoofil -d codecreations.net -t pdf,doc,xls,pptx -l 75 -n 100 -o results -f results.html

This will put the results in the folder results.

theHarvester

Finds emails and servers

run

theharvester -d codecreations.net -l 10 -b google

or theharvester -d codecreations.net -l 10 -b google for more all areas to search like linkedin, PGP, bing etc.

mitmproxy

Man in the middle software https://mitmproxy.org/

Documents

About

An ongoing list and notes as I continue to learn pen testing and work towards becoming a certified ethical hacker

Resources

Readme
Activity

Stars

2 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published