[email protected]
Search…
Exploit/CVE PoC
Hacking Report (HTB)
Penetration Testing Checklists
Red Team (Windows)
Exploitation Guide
Offensive Security Lab & Exam
01 Reconnaissance
Nmap Scan
1
# Basic Two level Recon for exam
2
1) nmap -p- -T5 --min-rate=1000 10.10.10.192 -oG fkclai.nmap
3
2) nmap -p $(grep -Eo '[0-9]{1,5}/open' fkclai.nmap | cut -d '/' -f 1 | tr -s '\n' ',') -sC -sV 10.10.10.192 -o nmap-result.txt
4
​
5
​
6
# Enumerate subnet
7
nmap -sn 10.11.1.1/24
8
​
9
# Fast simple scan
10
nmap -sS 10.11.1.111
11
​
12
# Full complete slow scan with output
13
nmap -v -sT -A -T4 -p- -Pn --script vuln -oA full 10.11.1.111
14
​
15
# Scan for UDP
16
nmap 10.11.1.111 -sU
17
​
18
​
Copied!
Network Scan
1
# Netdiscover
2
netdiscover -i eth0
3
netdiscover -r 10.11.1.1/24
4
​
5
# Nmap
6
nmap -sn 10.11.1.1/24
7
nmap -sn 10.11.1.1-253
8
nmap -sn 10.11.1.*
9
​
10
# NetBios
11
nbtscan -r 10.11.1.1/24
Copied!
tcpdump - packet scan
1
tcpdump -i eth0
2
tcpdump -c -i eth0
3
tcpdump -A -i eth0
4
tcpdump -w 0001.pcap -i eth0
5
tcpdump -r 0001.pcap
6
tcpdump -n -i eth0
7
tcpdump -i eth0 port 22
8
tcpdump -i eth0 -src 172.21.10.X
9
tcpdump -i eth0 -dst 172.21.10.X
Copied!
​
Copy link