Skip to content

Latest commit

 

History

History
38 lines (22 loc) · 1.46 KB

README.md

File metadata and controls

38 lines (22 loc) · 1.46 KB

hackerify

Input testings

  1. Polyglot inputs:<s>000'")};--//

Tools for reconnaissance

  1. uniscan - useful for fingerprinting the webserver. The uniscan comes by default with Kali
  2. nikto - useful for idetifying known web vulnerabilities. The nikto also comes by default with Kali. Start command: nikto -h example.com
  3. subfinder - a passive tool to detect the subdomains of the domain by using several external source. Some sources requires API key.

Networking tools

  1. nmap - tries to find the running services on the host. The nmap comes with Kali by default
  2. netcat - swiss army knife for networking. The netcat comes with Kali by default

Social engineering tools

  1. Trity - tool for social engineering

Wordlist

  1. Assetnote organization provides list of wordlist. Link to the organization: here
  2. crunch - can generate automatically the wordlist

Tips for KALI

  1. In Kali you can change your MAC address

Exploitation tools

  1. weevely - generate the PHP reverse shell script for file inclusion vulnerabilities. By default comes with KALI.
  2. hydra - tool for the brute force attack

Windows

  1. nishang - is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security, penetration testing and red teaming. Nishang is useful during all phases of penetration testing. Github link