Network Vulnerability attack tools
First msfupdate upgrade:
Then select msfconsole:
Next:
/shell/
In this way, a cmd shell can be rebounded.
Introduction to penetration tools in Windows
DNS collection.
Automated web Application Security Vulnerability Assessment can scan and detect common web application security vulnerabilities, such as SQL injection, cross-site scripting attacks, buffer overflow, and the latest FLASH/FLEX application and web application exposure.
Find the available information about the IP address, host name, or domain name, including the country, state or province, sinchu city, network supplier, network administrator, and technical support information.
If a hacker wants to query certain information of a company with a domain name, he can usually execute the whois command on the domain name to find the additional information. In most UNIX versions, whois is installed. Therefore, hackers only need to enter the "whois domain name to attack" in front of the terminal window or command prompt. For windows operating systems, a third-party tool is required to execute the whois command: sam spade.
It can crack screen saver, PWL password, shared password, cache password, remote Shared Password, SMB password, support for VNC password decoding, Cisco Type-7 password decoding, Base64 password decoding, SQL Server 7.0/ 2000 password decoding, Remote Desktop password decoding, Access Database Password decoding, Cisco PIX Firewall password decoding, Cisco MD5 decoding, NTLM Session Security Password decoding, IKE Aggressive Mode Pre-Shared Keys password decoding, etc. integrated tools, it also supports remote cracking, Dictionary mounting, and brute-force cracking. Its sniffer function is extremely powerful, and almost all account passwords can be captured in plain text, including FTP, HTTP, IMAP, POP3, SMB, TELNET, VNC, TDS, SMTP, MSKERB5-PREAUTH, MSN, RADIUS-KEYS, RADIUS-USERS, ICQ, IKE Aggressive Mode Pre-Shared Keys authentications, etc.
You can find out more metadata about any file provided by the analysis website.
As mentioned above. =
A network scanner can also be used to see what other computers are downloading.
Metasploit is an open-source security vulnerability detection tool that helps security and IT professionals identify security issues, verify vulnerability mitigation measures, and manage expert-driven security assessment, provides real security risk intelligence. These functions include intelligent development, password auditing, Web application scanning, and social engineering. The team worked together to present their findings in Metasploit and the comprehensive report.
Firefox plugin.
Thanks again for the book back track 5, from entry to mastery-penetration.
This book is completed by learning, operating, recording, and sharing, but there are still many tools in BT5. In the future, I will mainly share the useful and useful tools.
I hope that this book will be followed by BT5. It will be helpful when you open every tool ~~~ In fact, you can directly view the help, but it is all in English, although I personally think my English is good.
Reprinted please indicate the source: http://www.cnblogs.com/yydcdut/p/3491302.html