Penetration testing kali commands
== Installation and Configuration == | |
leafpad kali_update.sh | |
apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y | |
chmod +x kali_update.sh | |
./kali_update.sh | |
apt-get install [package] | |
dpkg -l | grep [package] | |
apt-cache show [package] | |
apt-get remove [package] | |
leafpad /etc/apt/sources.list | |
apt-get install preload | |
apt-get install bleachbit | |
apt-get install bum | |
apt-get install gnome-do | |
apt-get install apt-file | |
apt-get install scrub | |
apt-get install shutter | |
apt-get install figlet | |
leafpad /root/.bashrc | |
add at the end: | |
figlet goodhacking.org | |
cd /etc/ssh | |
mkdir [backup_folder] (keys_backup_ssh) | |
mv ssh_host_* [backup_folder] | |
dpkg-reconfigure openssh-server | |
service ssh start | |
netstat -antp | |
service ssh stop | |
apt-get install tor | |
leafpad /etc/proxychains.conf | |
Disable strict_chain | |
Enable dynamic_chain | |
Add the socks5 proxy at the end: | |
socks5 127.0.0.1 9050 | |
service tor start | |
service tor status | |
iceweasel www.whatismyip.com | |
proxychains iceweasel www.whatismyip.com | |
chkrootkit | |
== Information Gathering == | |
www.exploit-db.com | |
dnsstuff.com | |
metagoofil -d goodhacking.org -t doc -o temp -f goodhacking.org.html | |
theharvester --help | |
theharvester -d ethicalhackingblog.com -b google -l 100 | |
whois ethicalhackingblog.com | |
fierce -dns ethicalhackingblog.com | |
dmitry -winsepfbo ethicalhackingblog.com | |
git clone https://github.com/leebaird/discover.git | |
cd discover | |
./discover.sh | |
apt-get install recon-ng | |
recon-ng | |
show modules | |
load infodb (loads ipinfodb; the exact module name is not required) | |
show info | |
//set | |
//run | |
back | |
workspaces add mysite | |
add domains ethicalhackingblog.com | |
load bing_domain_web | |
run | |
load brute_hosts | |
run | |
show hosts | |
load hosts-hosts/resolve | |
run | |
show hosts | |
load hosts-hosts/reverse_resolve | |
run | |
load ipinfodb | |
run | |
(you need to register at ipinfodb.com) | |
keys add ipinfodb <paste_key_here> | |
keys list | |
show hosts | |
load html | |
show options | |
set creator gus | |
set customer mywebsite | |
run | |
== External Pentesting == | |
traceroute www.google.com | |
nmap -v --traceroute 104.210.194.254 | |
ping www.pluralsight.com -c 3 | |
hping3 -S www.pluralsight.com -p 80 -c 3 | |
nmap -T4 -sn www.pluralsight.com -v | |
nmap -T4 -v -PN -n -sS --top-ports 100 --max-parallelism 10 -oA nmapSYN 104.210.194.254 | |
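nmap -T4 -v -PN -n -sA --top-ports 100 --max-parallelism 10 -oA nmapSYN 104.210.194.254 (note: -oA reuses the nmapSYN basename, so this ACK scan overwrites the SYN scan's output files; use a separate basename to keep both) | |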
nmap -T5 -v -PN -A -oA nmapComplete 104.210.194.254 | |
== Website Penetration Testing == | |
wafw00f http://www.ethicalhackingblog.com | |
lbd http://www.ethicalhackingblog.com | |
apt-get install httrack | |
httrack "http://192.168.0.107/multillidae" (machine running Metasploitable Linux) -O "/tmp/httrack" -v | |
sslscan http://www.ethicalhackingblog.com | |
wpscan -u 192.168.0.108 (machine running a vulnerable WordPress) --enumerate vp | |
wpscan -u 192.168.0.108 (machine running a vulnerable WordPress) --enumerate u | |
wpscan -u 192.168.0.108 (machine running a vulnerable WordPress) --wordlist /usr/share/wordlists/rockyou.txt --username admin |