Knowledge Base for Penetration Testing
Here is a list of things to check for on a manual console review for a firewall, switch, wireless controller, router, etc, and there is not a security best practice guide for that specifc device: Rule base for the use of ANY for SOURCE/DESTINATION/SERVICE or overly permissive, such as allowing large ranges (e.g. x.x.x.x/16) Rules […]
Lesson 1: Explaining the Importance of Security Controls and Security Intelligence Topic 1A: Identify Security Control Types Review Activity: Security Control Types Topic 1B: Explain the Importance of Threat Data and Intelligence Review Activity: Threat Data and Intelligence Lesson 1: Practice Questions Lesson 1 PBQ: Explaining the Importance of Security Controls and Security Intelligence https://hack.technoherder.com/cybersecurity-control/ […]
Discovering Targets https://github.com/arkadiyt/bounty-targets-data# This repo contains data dumps of Hackerone and Bugcrowd scopes (i.e. the domains that are eligible for bug bounty reports). IP Enumeration http://www.asnlookup.com# This tool leverages ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes. https://github.com/pielco11/fav-up# Lookups for real IP starting from the favicon […]
Overview For this lab, you will be using basic cryptographic functions provided by the Sodium crypto library (libsodium), which is a portable fork of NaCl, the “Not Another Crypto Library” developed by Daniel J. Bernstein (DJB). Libsodium has API bindings for common programming languages beyond C/C++. You can implement the lab in any language you […]
In this lab you are going to perform social engineering activities using the Social-Engineer Toolkit (SET). “The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack quickly.” – https://github.com/trustedsec/social-engineer-toolkit Note: A key selling point of many […]
Prereq – Have a local instance of Kali running and finish the Metasploit lab. https://hack.technoherder.com/vm-setup-kali-metasploitable2/ https://hack.technoherder.com/metasploit-2/ Part 1 – John the Ripper Let’s say you have password hashes from an earlier exploit. (Such as the password hashes obtain in the Metasploit Lab). While that was helpful by itself to see what usernames exist, it would […]
Metasploit is an open source platform for vulnerability research, exploit development, and the creation of custom security tools. In this lab, we’re going to be using Metasploit to attack the Metasploitable2 VM. Preqreq – have a local Kali instance and Measploitable2 VM running. https://hack.technoherder.com/vm-setup-kali-metasploitable2/ Activities Part 1 – Getting Started Update Kali: Start the Kali […]
Prereq – Have a local Kali instance running and Metasploitable2 for a target. https://hack.technoherder.com/vm-setup-kali-metasploitable2/ Part 1 – Setup Launch both Kali Linux and the Metasploitable2 VM and ensure that they are on the same isolated network. Chech which version of nmap you have installed. The nmap commands have evolved slightly over time. It’s important to […]
Part 1 – Autonomous Systems (AS) Many organizations, such as University of the Pacific, have configured their networks as Autonomous Systems (AS), providing them the ability to use multiple internet service providers and route traffic between them as desired. References: There are many online tools that allow you to look up Autonomous System information for […]
Part 1 – Infrastructure Setup Follow the Virtual Machine setup instructions to download and install Kali and Metasploitable2 as virtual machines. Deliverables: Part 2 – Network Scanning First, from the terminal of your running Metasploitable2 VM, find its IP address. Reference: Linux IP command examples Second, from the terminal of your Kali VM, use […]
by 
