[email protected]
Search…
[email protected]
About Calvin Lai (fkclai)
My Work
Exploit/CVE PoC
ZeroLogon Exploit
Remote Retrieved Chrome saved Encrypted Password
Twitter Control an RCE attack
Hacking Report (HTB)
Hits & Summary
Windows Machine
Linux Machine
PenTest & Exploitation Guide
01 Reconnaissance
02 Port Enumeration
03 Web Enumeration
04 Windows Enum & Exploit
05 File Enumeration
06 Reverse Shell Cheat Sheet
07 SQL Injection
08 BruteForce
09 XSS Bypass Checklist
10 Spring Boot
11 WPA
12 Payload list
Vuln Hub (Writeup)
MrRobot
CYBERRY
MATRIX 1
Node-1
DPwwn-1
DC7
AiWeb-2
AiWeb-1
BrainPan
CTF (Writeup)
Hacker One
CTF Learn
P.W.N. University - CTF 2018
HITCON
Pwnable
Useful Command/Tools
Windows
Linux
Offensive Security Lab & Exam
Lab
Powered By GitBook
01 Reconnaissance

Nmap Scan

1
# Basic Two level Recon for exam
2
1) nmap -p- -T5 --min-rate=1000 10.10.10.192 -oG fkclai.nmap
3
2) nmap -p $(grep -Eo '[0-9]{1,5}/open' fkclai.nmap | cut -d '/' -f 1 | tr -s '\n' ',') -sC -sV 10.10.10.192 -o nmap-result.txt
4
5
6
# Enumerate subnet
7
nmap -sn 10.11.1.1/24
8
9
# Fast simple scan
10
nmap -sS 10.11.1.111
11
12
# Full complete slow scan with output
13
nmap -v -sT -A -T4 -p- -Pn --script vuln -oA full 10.11.1.111
14
15
# Scan for UDP
16
nmap 10.11.1.111 -sU
17
18
Copied!

Network Scan

1
# Netdiscover
2
netdiscover -i eth0
3
netdiscover -r 10.11.1.1/24
4
5
# Nmap
6
nmap -sn 10.11.1.1/24
7
nmap -sn 10.11.1.1-253
8
nmap -sn 10.11.1.*
9
10
# NetBios
11
nbtscan -r 10.11.1.1/24
Copied!

tcpdump - packet scan

1
tcpdump -i eth0
2
tcpdump -c -i eth0
3
tcpdump -A -i eth0
4
tcpdump -w 0001.pcap -i eth0
5
tcpdump -r 0001.pcap
6
tcpdump -n -i eth0
7
tcpdump -i eth0 port 22
8
tcpdump -i eth0 -src 172.21.10.X
9
tcpdump -i eth0 -dst 172.21.10.X
Copied!
Previous
Tabby
Next - PenTest & Exploitation Guide
02 Port Enumeration
Last modified 1yr ago
Copy link
Contents
Nmap Scan
Network Scan
tcpdump - packet scan