InfoSec, Linux help

Kali Linux unable to install VBox Guest Additions after upgrade

I've searched far and wide and found numerous answers to this question, but none of them seem to work...SO, if they don't work for you then please try this one. Firstly every time I tried to run this I got an error about my missing headers: ./VBoxLinuxAdditions.run Building the VirtualBox Guest Additions kernel modules. This… Continue reading Kali Linux unable to install VBox Guest Additions after upgrade

Advertisements
InfoSec

Three tools for bruteforcing

Hydra, Ncrack and Medusa (although ncrack is no longer being actively developed and supported): hydra -L /usr/share/seclists/Usernames/top_shortlist.txt -P /usr/share/seclists/Passwords/top_shortlist.txt ssh://192.168.1.5 medusa -h 192.168.1.5 -M ssh -U /usr/share/seclists/Usernames/top_shortlist.txt -P /usr/share/seclists/Passwords/top_shortlist.txt ncrack -vv -U /usr/share/seclists/Usernames/top_shortlist.txt -P /usr/share/seclists/Passwords/top_shortlist.txt 192.168.1.5 -p ssh Please make sure that you have a good word and password list for this exercise. It might… Continue reading Three tools for bruteforcing

InfoSec

Performing MitM attacks using arpspoof

In this scenario we will perform a MitM attack though arp spoofing. The concept basically comes down to ensuring that you can poison the arp table of the target machine and also the arp table of it's default gateway. For this example we will use arpspoof with the target's IP set to 10.10.10.20 and it's… Continue reading Performing MitM attacks using arpspoof

InfoSec

WHOIS for gathering more domain information

To find out information pertaining to the owners of a domain you can make use of the whois tool: whois website.domain.domain Of course you do not have to settle for the information returned in the previous request - you can specify the whois server you would like to query to perhaps return even more information:… Continue reading WHOIS for gathering more domain information

InfoSec

DNSENUM for DNS Queries

Another tool I want to write about is the DNSENUM tool: dnsenum website.domain (This is the most basic of queries) dnsenum website.domain --dnsserver ns.domain.domain (Once you find the ns servers responsible for the domain you can specify them manually with the --dnsserver flag) You can also attempt a brute force enumeration by specifying the brute force… Continue reading DNSENUM for DNS Queries

InfoSec, Linux help

DIG for DNS Queries

Another handy tool for making DNS queries is DIG. dig domain.domain (This is the default and simplest query, but it will provide you with a treasure trove of DNS info) dig +nocmd domain.domain MX +noall +answer (The nocmd option specifies that the request details should not be in the output, and the trailing part will… Continue reading DIG for DNS Queries