viprajput

g2s6

Jul 9th, 2018
GRADE 2 Session 6
=================

NSA --> Network Security Analysis
=================================

Information Gathering
---------------------
Whenever we try to exploit any device that is connected to the network, we need to have some specific information. We cannot exploit the target just by using the target's IP address. So we need to perform Network Security Analysis.

We have two types of Information Gathering
1. Normal Information Gathering
2. Intelligent|Advance Information Gathering

1. Normal Information Gathering
-------------------------------
It is the Information Gathering in which we get IP addresses, MAC addresses, vendor name and device name only. This is again a good part, but not enough for exploiting.
Microsoft OS --> Cain & Abel
Angry IP Scanner
Advanced IP Scanner
SoftPerfect Network Scanner
Linux Based OS --> netdiscover
arp-scan

2. Intelligent|Advance Information Gathering
--------------------------------------------
This is deep Information Gathering. In this type of Information Gathering, we receive much more information as compared to Normal Information Gathering.
The information we receive:
IP Address
MAC Address
Services
Service Version
Port Numbers which are being used
OS Version
OS Family
OS Build Number
VULNERABILITY

Best tool ever for network Information Gathering
NMAP --> CLI --> Command Line Interface
ZENMAP -> GUI --> Graphical User Interface

NMAP --> Network Mapper
=======================
It is the best network scanning tool with multiple types of scan. It is a network discovery and exploration tool. It is already installed in Kali Linux.
Scans
-----
1. To scan the whole network.
-----------------------------
#nmap 192.168.195.1/24
#nmap 192.168.195.1-255

PORT          STATE      SERVICE
Port Number   OPEN       Protocol|Service
              CLOSED
              FILTERED

OPEN --> Open means that an application on the target machine is listening for connections/packets on that port.
CLOSED -> Closed ports have no application listening on them, though they could open up at any time.
FILTERED --> One of the following is deployed:
Firewall
IPS
IDS
WAF
OPEN|FILTERED
CLOSED|FILTERED
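As an added example (not part of the original notes), a small Python parser that turns the PORT/STATE/SERVICE lines of Nmap's normal output into records and pulls out the states a defender has to review; the sample output is constructed, not a real scan.

```python
import re
from collections import namedtuple

# Constructed sample of Nmap "normal" output for one host (not a real scan).
SAMPLE_OUTPUT = """\
Nmap scan report for 192.168.195.192
PORT     STATE         SERVICE    VERSION
22/tcp   open          ssh        OpenSSH 7.6p1 Ubuntu 4ubuntu0.3
80/tcp   open          http       Apache httpd 2.4.29
135/tcp  filtered      msrpc
3306/tcp open|filtered mysql
8080/tcp closed        http-proxy
"""

# Every state listed in the notes above, with what a defender should read into it.
STATE_MEANING = {
    "open": "an application is listening; review the exposure",
    "closed": "reachable but nothing listening; it may open later",
    "filtered": "a firewall/IPS/IDS/WAF is dropping the probes",
    "open|filtered": "no response at all; cannot tell open from filtered",
    "closed|filtered": "cannot tell closed from filtered",
}

# One PORT line: "<port>/<proto> <state> <service> [<version>]".
PORT_LINE = re.compile(
    r"^(?P<port>\d+)/(?P<proto>tcp|udp|sctp)\s+(?P<state>[a-z|]+)\s+(?P<service>\S+)(?:\s+(?P<version>.*))?$"
)
PortRecord = namedtuple("PortRecord", "port proto state service version")


def parse_nmap_output(text):
    """Return one PortRecord per PORT line; header and host lines are skipped."""
    records = []
    for line in text.splitlines():
        m = PORT_LINE.match(line.strip())
        if m:
            records.append(PortRecord(int(m["port"]), m["proto"], m["state"],
                                      m["service"], (m["version"] or "").strip()))
    return records


def review_list(records):
    """Ports a defender must look at: listening (open) or ambiguous (open|filtered)."""
    return [(f"{r.port}/{r.proto}", r.service, STATE_MEANING[r.state])
            for r in records if r.state in ("open", "open|filtered")]
```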
2. To scan a specific IP Address
--------------------------------
#nmap 192.168.195.192
nmap <IP Address>

3. To get the services
----------------------
#nmap -sS 192.168.195.192
-s --> To run a script
S --> It is a service scanning script

4. To scan the version of the services
--------------------------------------
#nmap -sS -sV 192.168.195.192
-s --> to run a script
S --> Service Detection
V --> Version Detection

5. To gather other minute information about the services
--------------------------------------------------------
#nmap -sS -sC -sV 192.168.195.192
C --> to gather other information completely

6. OS Detection Only
--------------------
#nmap -O 192.168.195.192

7. Aggressive Scan
------------------
#nmap -A -T4 192.168.195.192
-A --> Aggressive Scan
-T --> Time duration between two consecutive packets (the value 4 is the level used here)

8. To detect a firewall
-----------------------
#nmap -f 192.168.195.192

9. To do a fast|quick scan
--------------------------
#nmap -F 192.168.195.192

10. When Firewall is up
-----------------------
#nmap -Pn 192.168.195.192
#nmap -Pn -sS -sC -sV -O 192.168.195.192

11. To scan a specific port
---------------------------
#nmap 192.168.195.192 -p 80,3306 --> scan ports 80 and 3306
#nmap 192.168.195.192 -p 80-3306 --> scan a range of ports from 80 to 3306
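Added example, not from the notes: a Python parser for the two target forms (CIDR and octet range) and the two -p port forms used above, plus a scope check against an authorized range so a scan can be verified before it is run. It goes a little beyond the notes by accepting an octet range in any position, as Nmap does.

```python
import ipaddress


def parse_ports(spec):
    """Expand an Nmap -p value such as "80,3306" or "80-3306" into a sorted port list."""
    ports = set()
    for item in spec.split(","):
        item = item.strip()
        lo, hi = (item.split("-", 1) if "-" in item else (item, item))
        lo, hi = int(lo), int(hi)
        if not 0 <= lo <= hi <= 65535:
            raise ValueError(f"bad port range: {item}")
        ports.update(range(lo, hi + 1))
    return sorted(ports)


def expand_targets(spec):
    """Expand 192.168.195.1/24 (CIDR) or 192.168.195.1-255 (octet range) into host addresses.
    An octet range is accepted in any position, e.g. 192.168.1-2.1-10."""
    if "/" in spec:
        # strict=False lets a host address stand for its network, as in the notes; hosts()
        # leaves out the network and broadcast addresses, so /24 yields 254 hosts, not 256.
        return [str(h) for h in ipaddress.ip_network(spec, strict=False).hosts()]
    octets = spec.split(".")
    if len(octets) != 4:
        raise ValueError(f"unsupported target spec: {spec}")
    ranges = []
    for octet in octets:
        lo, hi = (octet.split("-", 1) if "-" in octet else (octet, octet))
        lo, hi = int(lo), int(hi)
        if not 0 <= lo <= hi <= 255:
            raise ValueError(f"bad octet range: {octet}")
        ranges.append(range(lo, hi + 1))
    a, b, c, d = ranges
    return [f"{w}.{x}.{y}.{z}" for w in a for x in b for y in c for z in d]


def out_of_scope(spec, authorized_cidr):
    """Hosts in spec that lie outside the authorized network: check this before scanning."""
    allowed = ipaddress.ip_network(authorized_cidr, strict=False)
    return [h for h in expand_targets(spec) if ipaddress.ip_address(h) not in allowed]
```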

12. Vulnerability Script
------------------------
# nmap --script vuln IPADDRESS

13. Migrating Scans
-------------------
#nmap -Pn -p80 -sS -sV -sC 192.168.195.192

ZENMAP
======
Graphical representation of NMAP. Data in this scanning is not accurate and it generates noise in the network.
IP Address
Type of scan
Click on scan
Enjoy :)

Metasploit Framework
====================
Tool used for exploitation purposes. Most researchers use this tool for exploiting devices, machines, databases and servers.
This tool is a product of the Rapid7 community.
The Metasploit Framework we use is a trial|limited version.

MODULES CONTAINED:

Payloads
Exploits
Auxiliary
Encoders
NOPS
Post