nmap quick notes

nmap quick notes

Nmap (short for “Network Mapper”) is a free and open-source utility designed for network discovery and security auditing. Created by Gordon Lyon (also known as Fyodor Vaskovich), Nmap is widely used by cybersecurity professionals, network administrators, and system administrators to map out networks, discover hosts and services, and assess network security.
Metasploit quick reference guide

Metasploit quick reference guide

Metasploit is a widely used open-source framework designed for penetration testing, vulnerability assessment, and exploit development in the field of cybersecurity. Developed originally by H.D. Moore in 2003 and later acquired by Rapid7 in 2009, Metasploit has become a pivotal tool for both security professionals and, unfortunately, cybercriminals.
Cracking zip file passwords using John the Ripper tool.

Cracking zip file passwords using John the Ripper tool.

John the Ripper is a widely used open-source password cracking utility designed for password security auditing and recovery. Its primary function is to test the strength of passwords by attempting to crack password hashes using various attack methods, such as brute-force, dictionary, and hybrid attacks.
Cybersecurity checklist

ffuf (Fuzz Faster) notes

FFUF, which stands for “Fuzz Faster U Fool,” is a fast and flexible open-source web fuzzing tool written in the Go programming language. It is primarily used for discovering hidden…
Cybersecurity checklist

Windows privilege escalation checklist

System Info Obtain System information Search for kernel exploits using scripts Use Google to search for kernel exploits Use searchsploit to search for kernel exploits Interesting info in env vars? Passwords in PowerShell history? Interesting info in Internet settings? Drives? WSUS exploit?…
Cybersecurity checklist

Linux privilege escalation checklist

System Information Get OS information Check the PATH, any writable folder? Check env variables, any sensitive detail? Search for kernel exploits using scripts (DirtyCow?) Check if the sudo version is vulnerable Dmesg signature verification failed More system enum (date, system stats,…
Bind shell cheatsheet

Bind shell cheatsheet

A bind shell is a type of remote access shell in which the target (or victim) machine opens a specific network port and listens for incoming connections. Once this port is open, an attacker can connect to it from a remote location and gain command-line access to the target system, allowing them to execute commands as if they were physically present at the machine.