viprajput

g2s6

Jun 28th, 2018
GRADE 2 Session 6
=================

NSA --> Network Security Analysis
=================================

Information Gathering
---------------------
Whenever we try to exploit a device connected to the network, we first need some specific information about it. An IP address alone is not enough to exploit a target: we need to know which ports are listening, which software and version is behind them, and which operating system the host runs. Gathering that information is what we call Network Security Analysis.

We have two types of Information Gathering:
1. Normal Information Gathering
2. Intelligent|Advanced Information Gathering

1. Normal Information Gathering
-------------------------------
This is the information gathering in which we get only IP addresses, MAC addresses, the vendor name (looked up from the MAC's OUI prefix) and the device name. That is a good start, but not enough for exploitation.
Microsoft OS --> Cain & Abel
                 Angry IP Scanner
                 Advanced IP Scanner
                 SoftPerfect Network Scanner
Linux Based OS --> netdiscover
                   arp-scan

2. Intelligent|Advanced Information Gathering
---------------------------------------------
This is deep information gathering. Here we receive much more information than in Normal Information Gathering.
The information we receive:
IP Address
MAC Address
Services
Service Version
Port Numbers which are being used
OS Version
OS Family
OS Build Number
VULNERABILITY (from scripted checks run against the services found, e.g. Nmap's vuln scripts)

Best tool ever for network information gathering:
NMAP --> CLI --> Command Line Interface
ZENMAP --> GUI --> Graphical User Interface

NMAP --> Network Mapper
====
It is the best network scanning tool, with multiple types of scan. It is a network discovery and exploration tool, and it comes pre-installed in Kali Linux. SYN scans (-sS), OS detection (-O) and the other raw-packet scans need root privileges, which is why the commands below are shown at a # prompt (use sudo otherwise).
Scans
-----
1. To scan the whole network.
-----------------------------
#nmap 192.168.195.1/24
#nmap 192.168.195.1-255

Output columns:
PORT            STATE      SERVICE
Port/Protocol   OPEN       Service name (in a plain scan this is only a table lookup by port number)
                CLOSED
                FILTERED
OPEN --> An application on the target machine is listening for connections/packets on that port.
CLOSED --> No application is listening on that port; the host did answer (e.g. with a TCP RST), and the port could open up at any time.
FILTERED --> Nmap cannot tell whether the port is open, because packet filtering is dropping its probes (no reply, or an ICMP unreachable error). Something between you and the port is filtering, typically:
             Firewall (dedicated or host-based)
             Router ACL
             IPS (inline)
An IDS is passive and a WAF works at the HTTP layer above an already open port; neither makes a port show as FILTERED, though both may alert on the scan.
OPEN|FILTERED --> Nmap cannot decide between open and filtered. Seen with scans where an open port gives no response at all (UDP, FIN, NULL and Xmas scans).
CLOSED|FILTERED --> Nmap cannot decide between closed and filtered. Only reported by the IP ID idle scan (-sI).
2. To scan a specific IP Address
--------------------------------
#nmap 192.168.195.170
nmap <IP Address>

3. To find the listening ports (TCP SYN|stealth scan)
-----------------------------------------------------
#nmap -sS 192.168.195.170
-s<X> --> selects the scan technique (it does not run a script)
S --> SYN scan: sends a SYN, reads the SYN/ACK or RST that comes back and never completes the handshake. It is the default scan when nmap runs as root. The SERVICE column here is only a lookup by port number; to see what really answers, add -sV.

4. To scan the version of the services
--------------------------------------
#nmap -sS -sV 192.168.195.170
-sS --> SYN scan for port discovery
-sV --> Version Detection: sends probes to each open port and reports the product name and version string it identifies

5. To gather other minute information about the services
--------------------------------------------------------
#nmap -sS -sC -sV 192.168.195.170
-sC --> runs the default set of NSE (Nmap Scripting Engine) scripts against the discovered services: banners, HTTP titles, SSH host keys, SMB/OS information and so on. Same as --script=default.

6. OS Detection Only
--------------------
#nmap -O 192.168.195.170
-O --> TCP/IP stack fingerprinting. The guess is far more reliable when nmap finds at least one open and one closed TCP port on the target.

7. Aggressive Scan
------------------
#nmap -A -T4 192.168.195.170
-A --> Aggressive Scan: turns on -O, -sV, -sC and --traceroute in one flag
-T<0-5> --> Timing template, from 0 (paranoid) to 5 (insane); it sets how many probes run in parallel and how long nmap waits between them
4 --> "aggressive" timing: fast on a reliable LAN, but noisier and more likely to trip an IDS

8. To get past a firewall|IDS (packet fragmentation)
----------------------------------------------------
#nmap -f 192.168.195.170
-f --> splits the probes into small IP fragments so that simple packet filters and IDS signatures may miss them. It does not detect a firewall: for that, look at which ports come back FILTERED, or use the ACK scan (-sA) to map which ports a stateless filter lets through.

9. To do a fast|quick scan
--------------------------
#nmap -F 192.168.195.170
-F --> Fast mode: scans only the 100 most common ports instead of the default 1000

10. When the host does not answer ping (firewall is up)
-------------------------------------------------------
#nmap -Pn 192.168.195.170
#nmap -Pn -sS -sC -sV -O 192.168.195.170
-Pn --> skips host discovery and treats the target as up. Use it when a firewall drops ICMP echo requests; without it nmap reports the host as down and scans nothing.

11. To scan a specific port
---------------------------
#nmap 192.168.195.170 -p 80,3306 --> scan ports 80 and 3306
#nmap 192.168.195.170 -p 80-3306 --> scan the range of ports from 80 to 3306
(-p- scans all 65535 ports; the default without -p is only the top 1000.)

Other scan types: TCP connect (-sT), UDP (-sU), ACK (-sA), SYN|stealth (-sS). They are all described in:
man nmap

12. Vulnerability Scripts
-------------------------
# nmap --script vuln IPADDRESS
--script vuln --> runs every NSE script in the "vuln" category against the open services and reports the checks that match. Combine it with -sV so the scripts know which service and version they are probing. Treat the output as a lead to verify, not a confirmed finding: some of these scripts are intrusive and some match only on version strings.

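The scans above end in a wall of text. In practice you save the result as XML (-oX) and parse it, so that port states, versions and script output can be sorted and handed to the next step. The following is an added example written for these notes, not code from the original page or from the Nmap project: build_argv() composes the staged command line from items 3 to 11, run_scan() runs nmap when it is installed (assumed to be on PATH), and parse_nmap_xml() / summarise() work on SAMPLE_XML, a constructed sample in the shape of `nmap -oX -` output whose host, MAC, OpenSSH/Apache versions and script output are made up for illustration.

```python
"""Drive the staged Nmap scan from these notes and turn its -oX output into a
per-host summary (IP, MAC/vendor, OS guess, port states, versions, NSE output).
Added example for this page, not code from the original notes or the Nmap
project. Assumptions: `nmap` is on PATH only when run_scan() is called; the
rest works offline on SAMPLE_XML, a constructed sample whose data is made up."""
import shutil
import subprocess
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field


@dataclass
class Port:
    proto: str
    number: int
    state: str          # open, closed, filtered, open|filtered, closed|filtered
    reason: str         # nmap's evidence: syn-ack, reset, no-response, ...
    service: str = ""   # table lookup by port number, or probed name with -sV
    product: str = ""   # product and version are only filled in by -sV
    version: str = ""
    scripts: dict = field(default_factory=dict)  # NSE script id -> output (-sC / --script)


@dataclass
class Host:
    addr: str
    mac: str = ""       # MAC and vendor only appear when scanning the local subnet
    vendor: str = ""
    os_guess: str = ""  # best -O match, e.g. "Linux 4.15 - 5.6 (95%)"
    ports: list = field(default_factory=list)


def build_argv(target, ports=None, skip_ping=False):
    """Compose the notes' full scan (-Pn -sS -sC -sV -O -p ...) with XML on stdout."""
    argv = ["nmap"]
    if skip_ping:
        argv.append("-Pn")            # treat the host as up when ICMP is filtered
    argv += ["-sS", "-sC", "-sV", "-O"]   # SYN scan, default scripts, versions, OS
    if ports:
        argv += ["-p", ports]         # e.g. "80,3306" or "80-3306"
    argv += ["-oX", "-", target]      # XML to stdout so we can parse it
    return argv


def run_scan(target, **opts):
    """Run nmap (root is needed for -sS and -O) and return the parsed hosts."""
    if shutil.which("nmap") is None:
        raise RuntimeError("nmap is not installed or not on PATH")
    proc = subprocess.run(build_argv(target, **opts), capture_output=True, text=True, check=True)
    return parse_nmap_xml(proc.stdout)


def parse_nmap_xml(xml_text):
    hosts = []
    for h in ET.fromstring(xml_text).iter("host"):
        host = Host(addr="")
        for a in h.findall("address"):
            if a.get("addrtype") in ("ipv4", "ipv6"):
                host.addr = a.get("addr")
            elif a.get("addrtype") == "mac":
                host.mac, host.vendor = a.get("addr"), a.get("vendor", "")
        match = h.find("os/osmatch")  # first osmatch is nmap's best guess
        if match is not None:
            host.os_guess = f"{match.get('name')} ({match.get('accuracy')}%)"
        for p in h.findall("ports/port"):
            st, svc = p.find("state"), p.find("service")
            port = Port(p.get("protocol"), int(p.get("portid")), st.get("state"), st.get("reason", ""))
            if svc is not None:
                port.service, port.product, port.version = (
                    svc.get(k, "") for k in ("name", "product", "version"))
            port.scripts = {s.get("id"): s.get("output", "") for s in p.findall("script")}
            host.ports.append(port)
        hosts.append(host)
    return hosts


def summarise(host):
    """Group ports by state so filtered / open|filtered ones (probes dropped by a filter) stand out."""
    out = {}
    for p in host.ports:
        desc = f"{p.number}/{p.proto} {p.service}".rstrip()
        detail = " ".join(x for x in (p.product, p.version) if x)
        if detail:
            desc += f" ({detail})"
        out.setdefault(p.state, []).append(desc)
    return out


# Constructed sample of `nmap -sS -sU -sC -sV -O -oX -` output against a lab host (not real data).
SAMPLE_XML = """<nmaprun scanner="nmap" args="nmap -sS -sU -sC -sV -O -oX - 192.168.195.170">
<host><status state="up" reason="arp-response"/>
<address addr="192.168.195.170" addrtype="ipv4"/>
<address addr="00:0C:29:AB:CD:EF" addrtype="mac" vendor="VMware"/>
<ports><extraports state="closed" count="996"><extrareasons reason="resets" count="996"/></extraports>
<port protocol="tcp" portid="22"><state state="open" reason="syn-ack" reason_ttl="64"/>
<service name="ssh" product="OpenSSH" version="7.9p1" method="probed" conf="10"/></port>
<port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/>
<service name="http" product="Apache httpd" version="2.4.38" method="probed" conf="10"/>
<script id="http-title" output="Welcome to the lab"/></port>
<port protocol="tcp" portid="3306"><state state="filtered" reason="no-response" reason_ttl="0"/>
<service name="mysql" method="table" conf="3"/></port>
<port protocol="udp" portid="161"><state state="open|filtered" reason="no-response" reason_ttl="0"/>
<service name="snmp" method="table" conf="3"/></port>
</ports>
<os><osmatch name="Linux 4.15 - 5.6" accuracy="95" line="65000"/></os>
</host>
</nmaprun>"""
```

Against a live target call `summarise(run_scan("192.168.195.170", ports="80,3306", skip_ping=True)[0])`; the reason field tells you why nmap chose each state (syn-ack for open, reset for closed, no-response for filtered), which is the first thing to check before blaming a firewall.
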
ZENMAP
======
Graphical front end for NMAP. It runs the same nmap binary and gives the same results; the difference is that its preset profiles (such as "Intense scan", which is nmap -T4 -A -v) fire off many probes at once, so it generates more noise in the network than a hand-picked command line.
Enter the IP Address
Choose the type of scan (profile)
Click on Scan
Enjoy :)

Metasploit Framework
====================
Tool used for exploitation purposes. Most researchers use this tool for exploiting devices, machines, databases and servers.
This tool is maintained by Rapid7 together with the open-source community.
The Metasploit Framework we use is the free, open-source edition; Rapid7 also sells a commercial version (Metasploit Pro) with extra features.


MODULE TYPES:

Payloads --> code that runs on the target after exploitation (e.g. a shell or Meterpreter)
Exploits --> modules that trigger a specific vulnerability in order to deliver a payload
Auxiliary --> scanners, fuzzers, sniffers and other modules that do not deliver a payload
Encoders --> transform a payload to avoid bad characters or simple signature matching
NOPs --> no-operation sleds used to pad payloads
Post --> post-exploitation modules run on an already compromised host


Technical Terms
===============
Vulnerability --> a weakness in a system that can be abused
Exploit --> the code or technique that abuses a vulnerability
Payload --> what the exploit runs on the target once it succeeds
Backdoor --> a planted way back into the system that bypasses normal authentication
Covering Traces --> removing logs and artefacts that would reveal the intrusion

5 Phases of Hacking
===================
1. Information Gathering
2. Scanning
3. Gaining Access
4. Maintaining Access
5. Covering Traces