Real World Tools

Kali-Linux

For a complete list of Kali's tools, see Operating Systems for Ethical Hackers - A Platform Comparison of Kali Linux and Parrot OS, which groups them into the detailed categories below.

ul Hassan, S. Z., Muzaffar, Z., & Ahmad, S. Z. (2021). Operating Systems for Ethical Hackers-A Platform Comparison of Kali Linux and Parrot OS. International Journal, 10(3).

  • Information Gathering Tools (67)
  • Vulnerability Analysis Tools (27)
  • Exploitation Tools (21)
  • Wireless Attacks Tools (54)
  • Forensics Tools (23)
  • Web Applications Tools (43)
  • Stress Testing Tools (14)
  • Sniffing & Spoofing Tools (33)
  • Password Attacks Tools (39)
  • Maintaining Access Tools (17)
  • Reverse Engineering Tools (11)
  • Reporting Tools (10)
  • Hardware Hacking (6)
  • Some Parrot OS in-built tools (20)

Recon

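  • Google Hacking

    | Syntax | Description | Example |
    | ------ | ----------- | ------- |
    | `+` | Combine multiple keywords | – |
    | `-` | Exclude a keyword | – |
    | `..` | Range | – |
    | `*` | Wildcard | – |
    | `""` | Exact match; results must contain the keyword as written | "index of" |
    | intext | Search page content and list pages that contain the keyword | intext:SECRET_KEY |
    | intitle | Search page titles | intitle:index of |
    | define | Search for the definition of a keyword | define:hacker |
    | filetype | Search for files of the specified type | filetype:pdf |
    | info | Show basic information about the specified site | info:www.fcu.edu.tw |
    | related | Find other sites similar to the specified site | related:www.fcu.edu.tw |
    | inurl | Find pages whose URL contains the specified string | inurl:www.fcu.edu.tw |
    | site | Search the content of the specified site | site:www.fcu.edu.tw |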

  • Shodan / Censys

Dictionary Brute Force

  • John The Ripper
      # NTLM
      $ ./run/john.exe {pwn file} --wordlist={dictionary path} --format={NT...}
        
      # JWT
      $ john jwt.txt --wordlist={e.g. /usr/share/wordlists/rockyou.txt} --format={jwt alg, e.g. HMAC-SHA256}
    
  • Rockyou.txt
  • Online Tool 1
  • Online Tool 2
  • hashcat:
      # NTLM
      $ hashcat -a 0 -m 1000 {ntlm.hash} {rockyou.txt} --force
        
      # JWT
      $ hashcat -a 3 -m 16500 {jwt.txt} {secrets format, e.g. ?a?a?a?a}
    

Escalation

Overall

  • Mitre ATT&CK
  • To look up how to use common commands, check tldr

Inspect

OSINT