All Security Engineering Courses

Windows Process Injection for Red-Blue Teams | #INE information : https://my.ine.com/CyberSecurity/courses/df404992/windows-process-injection-for-red-blue-teams https://t.me/SuBoXoneSoCiety

15 efficient commands for pentesting on Linux: nmap: nmap -p- <target IP> (Scan all ports on a target) netcat: nc -nv <target IP> <port> (Open a TCP connection to a target) tcpdump: tcpdump -i eth0 tcp port 80 (Capture network traffic on port 80) wireshark: wireshark (Start the Wireshark GUI) traceroute: traceroute <target IP> (Show the route that packets take to reach a target) dig: dig <target domain> (Query DNS information for a domain) whois: whois <target domain> (Lookup WHOIS information for a domain) ncat: ncat -lvp <port> (Listen on a specific port for incoming connections) snort: snort -c /etc/snort/snort.conf -l /var/log/snort/ -A console (Start Snort with a specific configuration file and log directory) john: john --wordlist=/usr/share/wordlists/rockyou.txt --format=raw-md5 <hashfile> (Crack an MD5 hash using the rockyou wordlist) hydra: hydra -l <username> -P /usr/share/wordlists/rockyou.txt <target IP> ssh (Brute-force SSH login using a username and password list) metasploit: msfconsole (Start the Metasploit Framework console) sqlmap: sqlmap -u "http://example.com/?id=1" --dbs (Scan a website for SQL injection vulnerabilities) nikto: nikto -h <target IP> (Scan a web server for vulnerabilities and misconfigurations) wpscan: wpscan --url <target URL> --enumerate u (Scan a WordPress site for vulnerabilities and user information) JOIN @codelivly FOR MORE! ✅

🔴Certificate Transparency Log ➡️https://certificate.transparency.dev/ 🔴Crtsh ➡️https://crt.sh/?q=domain 🔴 JLDC - 🔒 Click 🔴 Synapsint - 🔒 Click 🔴 Web Archive - 🔒 Click 📱 Amass

amass enum -passive -d domain.com

📱 Subfinder

subfinder -d domain.com -all -silent

📱 Assetfinder

assetfinder example.com

📱 Gau ➕ 📱 Unfurl

gau --subs example.com | unfurl -u domains

📱 Cero

cero example.com

📱 CTFR

python3 ctfr.py -d domain.com

🔴Active Crtsh Monitoring - 🔒 Click

gungnir -r domains.txt

🔒 Github Subdomains

github-subdomains -d example.com -t tokens.txt -o output.txt

📱 Gitlab Subdomains

gitlab-subdomains -d example.com

📱 Censys

python3 censys-subdomain-finder.py example.com

📱 Shodan

python shodomain.py <SHODAN-API-KEY> example.com

📱 Crobat

crobat -s example.com

📱 Cloud Recon

./cloud_data_search.sh -u -s Company_Name

#InfoSec #CyberSecurity #Hacking #bugbounty #bugbountyTools #bugbountytips #reconnaissance 🔹 Share & Support Us 🔹

🔖Subdomain Enumeration - DNS Brute Force You can perform DNS Brute forcing using 📱 PureDNS. Installation

git clone https://github.com/blechschmidt/massdns.git
cd massdns
make
sudo make install
go install github.com/d3mondev/puredns/v2@latest

Create A Resolvers List

git clone https://github.com/vortexau/dnsvalidator.git
cd dnsvalidator/
pip3 install -r requirements.txt
pip3  install setuptools==58.2.0
python3 setup.py install
dnsvalidator -tL https://public-dns.info/nameservers.txt -threads 100 -o resolvers.txt

Download Wordlists Check this post. (Example wordlist for DNS Brute Force: 🔗 Link) Brute Forcing

puredns bruteforce wordlist.txt example.com -r resolvers.txt -w result.txt

#InfoSec #CyberSecurity #Hacking #bugbounty #bugbountyTools #bugbountytips #reconnaissance 🔹 Share & Support Us 🔹

🐎 Red Teaming with ServiceNow This blog post aims to highlight how access to ServiceNow can be abused to perform a range of attacks, of which 5 are described below: • Attack 1 – Custom Actions [Code Execution, Credential Retrieval] • Attack 2 – Discovery [Credential Capture, Code Execution] • Attack 3 – Orchestration [Relaying, Code Execution, Active Directory Modification] • Attack 4 – LDAP Listener [Credential Capture] • Attack 5 – Relaying [Credential Capture, Execution, Active Directory Modification]