Kali Linux provides us with several useful tools that we could use for penetration testing. Not forgetting one of its useful multi-function tools called Armitage. It is an attack management tools with Graphical User Interface that makes it easier for us to do penetration testing. Actually, It is more accurately a graphical interface for Metasploit framework. If you would like to know more about Metasploit framework. You can read What is Metasploit Project? by Margaret Rouse
In this post I will only show how to scan a range of network, the open port and the type of OS.
Today, I got a lecture about how to enumerate data and was given a task.
Our task was to do these three things:
- Enumeration User wp1.pentest.id
- Enumeration User jo1.pentest.id
- Enumeration User Email @pentest.id
Several tools that were suggested:
so now I would like to show the results and techniques that I used to solve these task.
Last week, my lecturer asked us to study about Linux command. However, studying about command line was not one of my favorite things, but at that time my friend suggested that I study Linux command from a game on the web called OverTheWire: Bandit.
This game consist of 26 level that encourage us to explore some of fundamental linux command that might be useful for us later on. It is a pretty interesting game.
Below is some of the screenshot of how to play it.
In this post I would like to give a simple tutorial of how to install virtual box and would like to show you a simple way to create a kali linux virtual machine. The link to the video version of the tutorial will be given at the bottom of this post.
Kali Linux Testing Methodology (Target scoping and Information Gathering)
- Target scoping
Before starting the security assessment, we need to know what should be tested, how to test it (penetration testing plan), what condition should be applied during the penetration testing, what is the business objective, and how long will it takes to do the penetration testing
- Information gathering
Once we have get the target scoping, we need to gather the information that we need
For instance, the company’s ISP, name, address, website, operating system supported, and so on. Continue reading
The content of this post might not be 100% accurate because it is based on writer’s research and knowledge from internet resources, lectures, and experiences.
Nowadays, we usually hear the term hacking as something related to cyber attack, denial of service, IP spoofing, and other things that are related to bad things. It is inevitable that hackers are the cause of those problem. However, do you know that hacking is not always bad? Hacking can give improvement for companies’ security systems and patch the vulnerable part of the system. Therefore, the term ‘ethical hacking’ comes up.