Skip to content

thearrival/new-beginning

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

new-beginning

ABOUT THE AUTHOR! His name is Esmail was graduated from HUST university majored in Telecom eng and had certificate in "Penetration TESTING AND ethical hacking" and energetic to gain more skills in cybersecurity . for any Questions pm me via my email address

[email protected]

ᶤᶰ ᵗʰᶤˢ ᵃʳᵗᶤᶜˡᵉ ʸᵒᵘ ʷᶤˡˡ ᵇᵉ ᵃᵇˡᵉ ᵗᵒ ˡᵉᵃʳᶰ ᵖᵉᶰ ᵗᵉˢᵗᶤᶰᵍ ᵐᵉᵗʰᵒᵈˢ ᵒᶰᵉ ᵇʸ ᵒᶰᵉ

ᵖᵃʸ ᵃᵗᵗᵉᶰᵗᶤᵒᶰ ᵇᵉᶠᵒʳᵉ ʸᵒᵘ ˢᵗᵃʳᵗ ᵈᵒᶤᶰᵍ ᵖᵉᶰ ᵗᵉˢᵗᶤᶰᵍ ᵒᶰ ᵃᶰʸ ʷᵉᵇˢᶤᵗᵉ ʸᵒᵘ ʰᵃᵛᵉ ᵗᵒ ᵗᵃᵏᵉ ᵖᵉʳᵐᶤˢˢᶤᵒᶰ ᶠʳᵒᵐ ᵗʰᵉᵐ
ᵒᵗʰᵉʳʷᶤˢᵉ ᵃᵐ ᶰᵒᵗ ʳᵉˢᵖᵒᶰˢᶤᵇˡᵉ ᵃᵇᵒᵘᵗ ᵃᶰʸ ᵗʰᶤᶰᵍˢ ʰᵃᵖᵖᵉᶰ ᵗᵒ ᵃᵐᵖᵠᵘᵒᵗʸᵒᵘᵃᵐᵖᵠᵘᵒᵗ

$~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BEFORE YOU MOVE ON YOU MOST HAVE BACKGROUD IN NETWORKING (protocols and port ....etc ) ,
WEB APPLICATION DESIGN  (HTML,PHP & JAVA) , KNOWLEGE IN DIFFERENT OPERATION SYSTEM AND
BASIC KNOWLEGS IN PROGRAMMING LANGUAGE (PYTHON,C , SQL ...etc) 
and I highly recommend this website to learn more about ethical hacking "𝐶𝑌𝐵𝑅𝐴𝑅𝑌.𝐼𝑇" .




^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
➊ Reconncanceing and Scanning :    ^
                                   ^
by using TOOLS and websites >>>    ^
                                   ^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- nslookup : nsloolup "target website" .
- hping3 : hping3 -8 "port-port" -S "website".
- ping : ping "target ip or DNS".
- dig : dig "target website" ANY #ANY is to show you all DNS info . 
- whois :whois "DNS server".
- nmap : nmap -sV -sC -A "target ip" .
- nikto : nikto -h "target ip or DNS" .
- netdiscover: netdiscover -i (interface) -P . 
- osint (phoneinfoga): python3 phoneinfoga.py -n "phone NUM" #get this tool from GITHUB .
- sherlock : python3 sherlock.py "target name" . #get this tool from GITHUB
- wireshark: it has GUI. 
- "shodan" and "zoomeye" for gather website info  .
- Nessus\ is a remote security scanning tool, which scans a computer and raises an alert 
  if it discovers any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network. 


#Summery is to check the TCP & UDP ports if its open or not and gather the 
information about DNS server and MAC address and the activity of the network 
and show you if the target use firewall or not and the vulnerabilities of the system .

$~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
➊ Exploitation and maintenance access :    ^
                                           ^
by using TOOLS and websites >>>            ^
                                           ^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^



Overview ~
This is the most diffecult section and you have to be patient and think out of the box in order to well-perform and crack 
the vulnerable ports and it's may take to some time ....
the first thing i always do after the first step of the pentest is to check the version and detials of the targeted open ports
and discover about it and see how its secure in ( vlunerable.com )


secondly for exploiting there are so many tools ..
and the famuse one is :::
-metasploit \ used for break the vulnerable websites .
-hydra or xhydra \ used to crack the ports like : ssh,http,smtp,ftp,telnet,RPC .... and much more .
nmap \ also nmap has the abilitsdy to exploit vlunerable ports by using spicefic scrip .
brupsuite \ using to exploit vulnerable websites . 
Medusa\ perfect tool use to exploit the service and remote as like administator . 




in the END you can write an intelligece report about methodology, procedures, proper explanation of report content and design,
detailed example of testing report, and tester’s personal experience. Once the report is prepared, it is shared
among the senior management staff and technical team for the awareness.  I Prever to use excel to prescribe it.




                                   ---------Thanks for your reading-------- 

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published