My personal collection for Pen testing and Cyber Notes
1 min readDec 4, 2023
My Personals Noots so I don't forget |Pen Testing|
What tools im going to use for Pentesting
Subdomain Enumeration:
- DNS Dumpster:
- crt.sh
- amass
- subOver
- Assetnote
For Wprdpress
- wp-gravity.
wp-gravity.py -h -u " https://www.xxx.com/" -t "targets.txt" -v, - Wpscan
wpscan - url https://xxxx.org/ - random-user-agent - api-token xxxxxx - exclude-content-based REGEXP_OR_STRINGcommand not found
- wfuzz
- nuclei
- nmap
nmap -sV --script=http-php-version
nmap -p80 --script http-csrf.nse <target>
sudo nmap -sS -v - spoof=<spoofed_ip_address> <target_ip_address>
Sudo nmap –ip-options "L <1st IP address> <1st IP address>" <target_ip_address>Sql Injection:
Sqlmap
python3 sqlmap.py -u xxxxx --batch --banner --dbs --dump-all technique=E --risk 3 --level 4 -v 3 --prefix="'" --suffix="--" --flush-session --random-agent issue Firewalls
Google Dorks :
site:jfrog.io "example"
site:firebaseio.com "example"
site:digitaloceanspaces.com "example.com"
site:http://sharepoint.com "example.com"
site:dev.azure.com "example.com"
site:box.com/s "example.com"
site:dropbox.com/s "example.com"
site:onedrive.live.com "example.com"
site:docs.google.com inurl:"/d/" "example.com"
https://whatsapp.com/channel/0029VaA7Zh45vKA5x0JF5Q0LUbuntu issue in Internet during webs hosting issue
Solution
sudo nano /etc/netplan/01-network-manager-all.yaml
network:
version: 2
renderer: networkd
ethernets:
ens33: #this is YOUR
dhcp4: true
sudo netplan generate
sudo netplan apply
3.
sudo nano /etc/resolv.conf
nameserver 8.8.8.8Ens33 is your ether eara ens33 to find your use ip a in Ubuntu
