ABOUT THE AUTHOR! His name is Esmail. He graduated from HUST university, majoring in Telecom engineering, holds a certificate in "Penetration Testing and Ethical Hacking" and is energetic about gaining more skills in cybersecurity. For any questions, PM me via my email address.
In this article you will be able to learn pen testing methods one by one.
Pay attention: before you start doing pen testing on any website you have to get permission from them,
otherwise I am not responsible for anything that happens to "you".
$~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
BEFORE YOU MOVE ON YOU MUST HAVE A BACKGROUND IN NETWORKING (protocols, ports, etc.),
WEB APPLICATION DESIGN (HTML, PHP & JAVA), KNOWLEDGE OF DIFFERENT OPERATING SYSTEMS AND
BASIC KNOWLEDGE OF PROGRAMMING LANGUAGES (PYTHON, C, SQL, etc.).
I highly recommend this website to learn more about ethical hacking: "CYBRARY.IT".
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
➊ Reconnaissance and Scanning : ^
^
by using TOOLS and websites >>> ^
^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- nslookup : nslookup "target website"
- hping3 : hping3 -8 "port-port" -S "website"
- ping : ping "target ip or DNS"
- dig : dig "target website" ANY #ANY shows you all DNS info
- whois : whois "DNS server"
- nmap : nmap -sV -sC -A "target ip"
- nikto : nikto -h "target ip or DNS"
- netdiscover : netdiscover -i (interface) -P
- osint (phoneinfoga) : python3 phoneinfoga.py -n "phone NUM" #get this tool from GitHub
- sherlock : python3 sherlock.py "target name" #get this tool from GitHub
- wireshark : it has a GUI.
- "shodan" and "zoomeye" : for gathering website info.
- Nessus : a remote security scanning tool, which scans a computer and raises an alert
if it discovers any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network.
#Summary: the aim is to check whether the TCP & UDP ports are open or not, gather
information about the DNS server, the MAC address and the activity of the network,
and show you whether the target uses a firewall or not and the vulnerabilities of the system.
$~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
➋ Exploitation and Maintaining Access : ^
^
by using TOOLS and websites >>> ^
^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Overview ~
This is the most difficult section; you have to be patient and think outside the box in order to perform well and crack
the vulnerable ports, and it may take some time ....
The first thing I always do after the first step of the pentest is to check the version and details of the targeted open ports,
find out about them and see how secure they are in ( vlunerable.com ).
Secondly, for exploiting there are so many tools,
and the famous ones are:
- metasploit \ used to break vulnerable websites.
- hydra or xhydra \ used to crack ports like: ssh, http, smtp, ftp, telnet, RPC .... and much more.
- nmap \ nmap also has the ability to exploit vulnerable ports by using specific scripts.
- burpsuite \ used to exploit vulnerable websites.
- Medusa \ a perfect tool used to exploit the service and remote in like an administrator.
In the end you can write an intelligence report covering methodology, procedures, a proper explanation of the report content and design,
a detailed example of the testing report, and the tester's personal experience. Once the report is prepared, it is shared
among the senior management staff and technical team for awareness. I prefer to use Excel to describe it.
---------Thanks for your reading--------