Posts

Showing posts from 2016

Beginner’s guide: OSSIM Part 2

Hope all of you are keeping well. Thank you all for the overwhelming support you are giving me. Today we’ll deal with everything from basic OSSIM configuration to integrating different types of assets. Before we jump into all of that, I hope all of you are ready with the installation. If not, please visit my previous post, which is the first part: Beginner’s guide: OSSIM (Open Source Security Information Management) part 1. Make sure you have an active internet connection for your OSSIM. As you all know, the AlienVault platform has five modules: asset discovery, vulnerability assessment, threat detection, behavioural monitoring and security intelligence. In simple words, we add assets first, and then we’ll configure those assets under each module of AlienVault. If you're ready with everything mentioned in part 1, we can now move forward with the configuration. Here we’re considering only OSSIM, not USM.

Jumpstart your Wireshark skills

Wireshark essential tutorial. What are we going to do? In this post, we will start learning Wireshark from scratch. I’ll show the menus, filters and many other options. Most people know about Wireshark, but they don’t want to try it because they simply don’t know how to write filters. My key focus will be on creating filters, not writing filters. Yes, it is true that you can make filters without learning the filter parameters. In simple words, you can use Wireshark without touching the keyboard. Those who have Kali Linux already have it there. I’ll be using the 32-bit version of Wireshark. I’ll concentrate on HTTP traffic throughout the tutorial. So let’s start with a little bit of theory

Brief tutorial on Maltego in Kali Linux

How to run Maltego Chlorine. What is Maltego? Maltego is proprietary software by Paterva, commonly used for open-source intelligence and forensics. It mainly focuses on discovering data from open sources and visualizing that information in a form suitable for link analysis and data mining. The core focus of the application is to analyze real-world relationships between people or groups, and sometimes websites, domains or even networks, internet infrastructure, and connections with online social networking sites. Maltego has gained lots of attention from security researchers, according to the Open Web Application Security Project (OWASP).

Nmaping your network

A short tutorial for using NMAP. I hear a lot of questions like how do we scope assets, or how do I manage my asset inventory. Well, the answer is NMAP. Nmap is quite a handy tool that'll allow you to map IP addresses to assets, create an asset inventory, or even run small vulnerability scans. Here we'll talk about how to run an Nmap full scan, an Nmap all-port scan or an Nmap specific-port scan. For all those newbies out there, I’m starting from scratch. As you all know, NMAP means network mapping. This is a small tool which every pentester and network/system administrator must know. Most of my friends complain that Nmap is so vast; they don’t know how to set, or why to set, certain attributes before initiating a scan. To understand the working of Nmap properly, you need to know how a system works in a network. I’m not planning to go into the core basics, but we’ll touch on whatever is essential.

Scanning and Enumeration

Scanning Assets. After the initial reconnaissance, a pentester identifies the target system; as discussed before, the pentester concentrates on getting a mode of entry into the target system. The scanning phase cannot be limited to intrusion alone. It can be an extended form of reconnaissance where the pentester learns more about the target, like what operating system is being used, what services are being run on the systems, and any configuration lapses that can be identified. The pentester can then strategize his/her attack, factoring in these aspects. Footprinting is the first phase of pentesting, in which the pentester gains information about the target, passively or actively. Footprinting alone is not enough for pentesting because it will only give the pentester an overview or primary information about the target. The pentester can use this primary information in the next phase to gather even more in-depth details about the target. This process of gathering in-depth

Most commonly found Trojan Ports

If you see any of these ports open, then you should double check whether it is really a Trojan or not. Trojans basically provide "remote access" to their command and control center.

TCP 1 Breach.2001, SocketsDeTroie.230, SocketsDeTroie.250
TCP 28 Amanda.200
TCP 31 MastersParadise.920
TCP 68 Subseven.100
TCP 142 NetTaxi.180
TCP 146 Infector.141, Intruder.100, Intruder.100
TCP 171 ATrojan.200
TCP 285 WCTrojan.100
TCP 286 WCTrojan.100
TCP 334 Backage.310
TCP 370 NeuroticKat.120, NeuroticKat.130
TCP 413 Coma.109
TCP 420 Breach.450
TCP 555 Id2001.100, PhaseZero.100, StealthSpy.100
TCP 623 Rtb666.160
TCP 660 Zaratustra.100

Passive Information Gathering

Passive information gathering refers to the process of collecting information about a target network and its environment by passive methods. The entire “information gathering” is considered a “methodological” procedure, because the critical information gathered is categorized based on a previous discovery. The idea of information gathering is to have an entire blueprint of the network infrastructure of the target organization. The blueprints will probably be unique for each and every branch. Passive information gathering is completely harmless to the target organization since we do not directly engage with the target organization. Technically speaking, we have four intentions while performing information gathering: 1. Collect all available information, passively and actively, about the target and its network 2. Identify the operating system, platforms, web server versions, etc. 3. Perform techniques such as Whois lookup, DNS fingerprinting, other network and organiz

Foot printing and Reconnaissance

The very first phase of pentesting is foot printing and reconnaissance. The idea is to develop a picture of our client before performing a test. Generally speaking, foot printing and reconnaissance is only done for black box pentesting. But even if we are performing white or gray box testing, we’ll form an idea about where to start and how to start the test. Specifically in white box testing, if we need clarification on a few of the points given by the client, we ask them to clear it up for us. In black box testing we identify whether any information has been leaked to the internet unknowingly by the client. Hence black box testing is the best way for security assessment, since it gives the full picture of what information is disclosed. For a malicious hacker, any information that is readily available on the internet is useful. Before we jump into the technical part we need to know a few basic terms used in information gathering. These terms help to understand t

How to setup Kali Linux in VM

Kali Linux is one of the most commonly used penetration testing distros and one of the most commonly used tiger boxes among pentesters. It is mostly used for penetration testing, cyber forensics and malware analysis. I hope you've already downloaded your matching version of Kali Linux. If not, please download it from the following link: https://www.kali.org/downloads/ Before we start, it is always best to review the basics of virtualization. Please go through the following link before proceeding: http://pentesterblogs.blogspot.in/2016/07/pentest-lab.html At the time of writing this blog, Kali Linux has the stable release "rolling".

How to virtualize using vmware

Today we’ll build or, technically speaking, “virtualize” our demo labs. Most of the intentionally vulnerable applications which we see on the internet are in a specific format known as “ova (open virtualization archive)” or “ovf (open virtualization format)”, which you can directly import without any issues. Before we start building a virtual machine we need to know some essential basics. The real machine on which you’ve installed virtualization software is called the host / physical machine. The virtual machine running inside the host machine is known as the guest / virtual machine

Pentest Lab

I hear lots of queries regarding how to set up a pentest lab. There are two ways in which you can set up private testing labs:
1. Use physical hardware to build
2. Use one physical hardware and virtualize everything in it

Phases of hacking

Elements of Information Security

Penetration testing

Penetration testing is just like hacking in an ethical way. We follow the same procedures, tools and tricks to mock a hacker’s attempt to take over an enterprise's networks/systems. The one who executes penetration testing is known as a “Pen-tester”. The pentester first does a vulnerability assessment, in which he lists out known vulnerabilities existing in the network. With respect to the vulnerabilities found, he tries to exploit them, which is known as “Pentesting”. He records the maximum level/depth he could reach. The pentester then creates a detailed report about the vulnerabilities and their impact on the network. These reports will have recommendations to fix these vulnerabilities or to mitigate them.

Common networking devices and concepts

Hub: A hub is a network hardware device for connecting multiple Ethernet devices together and making them act as a single network segment, and it handles a data type known as frames. It has multiple input/output (I/O) ports, in which a signal introduced at the input of any port appears at the output of every port except the original incoming one. When a frame is received, it is amplified and then transmitted on to the port of the destination PC. A frame is passed along or "broadcast" to every one of its ports. A hub works at the physical layer (layer 1) of the OSI model.

Basic networking terminologies

Networking Terminologies. Open System Interconnection (OSI): The OSI model takes the task of inter-networking and divides that up into what is referred to as a vertical stack that consists of 7 layers. The Open Systems Interconnection model (OSI model) is a conceptual model; in fact, it's not even tangible. It doesn't perform any functions in the networking process. It is a conceptual framework so we can better understand complex interactions that are happening.

Basic info-sec Terminology

Info-sec Terminologies. To be a good pentester, you must know exactly what a word means whenever you come across it. So I'm adding a few words and their descriptions below. I've only added a few to start with; we'll learn more on the way.

Hello World!

Hello all, Just like you, I'm also an information security enthusiast. The biggest challenge in infosec is that, when we are stuck, we have very limited resources to look at, and have no idea which one to trust. In this blog I will be publishing all that stuff in detail, which I've learned from my past experience. This reminds me of a quote which I've read: "Mistakes are the best lessons, while experience is the best teacher". I have been working on both cyber security and information security for the past few years. This blog is intended to help security admins in identifying and managing their current security issues. We'll start from scratch, from the very basics, build our own test environment, play around, break things, and we'll have lots and lots of adventures and fun in the areas of Vulnerability Assessment, Penetration testing, Security Information and Event Management, PT standards. Thanks & Regards Jenson Ja