Real World Tools

Posted on | Post modified | In |

Real World Tools

Kali-Linux

有關Kali的所有工具可以直接參考Operating Systems for Ethical Hackers - A Platform Comparison of Kali Linux and Parrot OS

  • ul Hassan, S. Z., Muzaffar, Z., & Ahmad, S. Z. (2021). Operating Systems for Ethical Hackers-A Platform Comparison of Kali Linux and Parrot OS. International Journal, 10(3).

裡面有詳細分類

  • Information Gathering Tools(67)
  • Vulnerability Analysis Tools(27)
  • Exploitation Tools(21)
  • Wireless Attacks Tools(54)
  • Forensics Tools(23)
  • Web Applications tools(43)
  • Stress Testing tools(14)
  • Sniffing & Spoofing Tools(33)
  • Password Attacks Tools(39)
  • Maintaining Access Tools(17)
  • Reverse Engineering Tools(11)
  • Reporting Tools(10)
  • Hardware Hacking(6)
  • Some Parrot OS in-built tools(20)

Recon

  • Google Hacking

    Syntax Description Example
    + 連接多個關鍵字
    - 忽略關鍵字
    .. 範圍
    * 萬用字元
    ’’ 精準查詢,一定要符合關鍵字 index of
    intext 搜尋網頁內容,列出符合關鍵字的網頁 intext:SECRET_KEY
    intitle 搜尋網頁中的標題 intitle:index of
    define 搜尋關鍵字的定義 define:hacker
    filetype 搜尋指定類型的文件 filetype:pdf
    info 搜尋指定網站的基本資訊 info:www.fcu.edu.tw
    related 搜尋類似於指定網站的其他網站 related:www.fcu.edu.tw
    inurl 尋找指定的字串是否在網址列當中 inurl:www.fcu.edu.tw
    site 搜尋指定網址的內容 site:www.fcu.edu.tw

  • Shodan / Censys

Dictionary Brute Force

  • John The Ripper 
    1
    2
    3
    4
    5
    		 
      # NTLM
  $ ./run/john.exe {pwn file} --wordlist={dictionary path} --format={NT...}
    
  # JWT
  $ john jwt.txt --wordlist={e.g. /usr/share/wordlists/rockyou.txt} --format={jwt alg, e.g. HMAC-SHA256}
  • Rockyou.txt
  • Online Tool 1
  • Online Tool 2
  • hashcat: 
    1
    2
    3
    4
    5
    		 
      # NTLM
  $ hashcat -a 0 -m 1000 {ntlm.hash} {rockyou.txt} --force
    
  # JWT
  $ hashcat -a 3 -m 16500 {jwt.txt} {secrets format, e.g. ?a?a?a?a}

Escalation

Overall

  • Mitre ATT&CK
  • 如果要查常用指令怎麼下,可以找tldr

Inspect

OSINT