Category: Tools

All about network tools!

NMAP

Common nmap commands during Pentest

1. Discover live hosts
    nmap -n -sn -PE -oA live_hosts 192.168.1.0/24
2. Discover open TCP ports
    nmap -sS -vv -p- -oA tcp_ports_65535 192.168.1.15
    nmap -sS -vv -p- -Pn --reason --open -oA tcp_ports_65535 192.168.1.15
    nmap …

Nessus, NMAP

Import Nmap results into Nessus

Download the Nmap XML Import plugin from http://tenablesecurity.com/documentation/nmapxml.nasl
Copy the nmapxml.nasl file into the Nessus plugins directory C:\ProgramData\Tenable\Nessus\nessus\plugins
Run a command prompt as Administrator
    net stop "Tenable Nessus"
Load Nessus new plugins
    cd C:\Program Files\Tenable\Nessus
    nessusd.exe -y
Start the Nessus service
    net start "Tenable Nessus"
Under …

Social Engineering, Tools

Social-Engineer Toolkit on Windows

To install the latest Social-Engineer Toolkit (SET) release, follow these steps under Windows:
1. Download and install GitHub for Windows.
2. Clone the SET Git repository from https://github.com/trustedsec/social-engineer-toolkit/.
3. Download and install the PyCrypto library. Download the prebuilt binaries for Windows from the Voidspace site.
4. Open cmd and run the Social-Engineer Toolkit:
    python C:\Users\<username>\Documents\GitHub\social-engineer-toolkit\se-toolkit

Detection, Integrity, Microsoft Windows, Tools

Scan the integrity of all protected Windows 7 system files

Open an elevated command prompt. To do this, click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator. If you are prompted for an administrator password or for a confirmation, type the password, or click Allow. At the command prompt, type the following command, and then press ENTER: sfc …

Network, Port Scanning, Tools

Top 5 Free Port Scanners

1. Nmap Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what …

Sniffing, Wireshark

Sniffing email passwords with Wireshark

> Open Wireshark.
> Select an interface and start capturing in promiscuous mode.
> To capture credentials from POP apply this filter: pop.request.command == "USER" || pop.request.command == "PASS"
> To capture credentials from IMAP apply this filter: imap.request contains "login"
> To …