a vulnerable FTP Server in the wild
This was discovery by chance. I was giving a workshop and while demonstrating some features of nmap i justused the name of a company in the area. Without intending this there where some things to discover and to learn. Obviously I informed the company immediatly of my findings and … Read more Background
Mar
Anonymous – a tryhackme.com writeup
A quite minimalistic CTF from tryhackme.com – lets dive right in: What does nmap say? There we have the first answers to the challenge: 4 Services are running, FTP on 21 and smb on 139 and 445. Now we need to look at the smb shares:… Read more sudo nmap -sV 10.10.51.126
Mar
theHarvester – looking for all there is
we already talked about sublist3r – theHarvester goes some steps further. you can find theHarvester on Github or install it through apt if you are on kali. It is also an OSINT tool but covers a broader area than sublist3r. theHarvester tries to find subdomains, email … Read more What is it for?
Mar
hydra – the multi-protocol online cracker
when you want to buteforce an online service – hydra is one of the go to tools. It supports a wide spectrum of services: ssh, mysql, ftp http-forms and many more. You can use wordlists for both usernames and passwords or you can use the bruteforce feature.… Read more What is it?
Mar
Burp Suite – owning the web traffic Part 1
Burp suite is certainly one essential tool in your web application related toolbox. It lets you intercept web traffice, alter, reply and compare it and much more. So very useful and a bit complex at first. Lets look into it Since you will be using Burp … Read more What is it?
Preperations
Mar
hunter.io – finding emails and patterns
This is gonna be a short one. hunter.io is a web portal where you can potentially find email adresses, roles and oganisations and email patterns for a given company. It is widely used by sales and marketing departments. But it is also a valuable tool for collecting … Read more What is it?
Feb
nmap – portscanning unleashed – the basics
nmap is a portscanner. nmap means “network mapper” so nmap can be used to map out networks The amazing thing is the amount of features it provides to help you gather all kinds of information. It is one of the tools that grows on you as you … Read more What is it?
Feb
Feb
sherlock – the social media stalker
sherlock is another OSINT tool. You can find it here on Github or install it through apt if you are on kali. Sherlock allows you to search a huge number of social networks for a username. Imagine you know someones username on facebook. You could assume … Read more What is it for?
Feb
- 1
- 2